200-201 Question #377: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #377. The question stem and answer options stay visible for context.

Submitted by yuki_2020· Mar 6, 2026Network Intrusion Analysis

Question

Refer to exhibit. An engineer is investigating an intrusion and is analyzing the pcap file. Which two key elements must an engineer consider? (Choose two.)

Options

Avariable "info" field and unchanging sequence number
Bhigh volume of SYN packets with very little variance in time
CSYN packets acknowledged from several source IP addresses
Didentical length of 120 and window size (64)
Esame source IP address with a destination port 80

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#Packet analysis#Network intrusion detection#SYN flood#DDoS

Full 200-201 Practice Browse All 200-201 Questions