200-201 Question #456: Real Exam Question with Answer & Explanation

The correct answer is C: IPS.

Submitted by ngozi_ng · Mar 6, 2026 · Security Monitoring

Question

Refer to the exhibit. An engineer is analyzing events from a recent attack attempt on an organization where threat actors managed to target HR critical servers within the internal network. Which technology generated these events?

Options

  • A. IDS
  • B. proxy
  • C. IPS
  • D. next-generation firewall

Explanation

The exhibit shows events labeled as "Attack Sampled" and actions such as "Drop" for packets with bad TCP flags. This indicates that the system is not only detecting the malicious activity but actively preventing it by dropping packets. This behavior aligns with the functionality of an Intrusion Prevention System (IPS), which can block suspicious or malicious traffic in real time.

Topics

#IPS Alerts #Intrusion Prevention #Security Event Analysis
