200-201 Question #399: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #399. The question stem and answer options stay visible for context.

Submitted by layla.eg· Mar 6, 2026Network Intrusion Analysis

Question

During a quarterly vulnerability scan, a security analyst discovered unused uncommon ports open and in a listening state. Further investigation showed that the unknown application was communicating with an external IP address on an encrypted channel. A deeper analysis revealed a command and control communication on an infected server. At which step of the Cyber Kill Chain was the attack detected?

Options

AExploitation
BActions on Objectives
CWeaponization
DDelivery

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#Cyber Kill Chain#Command and Control#Incident detection

Full 200-201 Practice Browse All 200-201 Questions