200-201 Question #538: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #538. The question stem and answer options stay visible for context.

Submitted by anna_se· Mar 6, 2026Network Intrusion Analysis

Question

Refer to the exhibit. A security engineer receives several alerts from the SNORT IPS/IDS reporting malicious traffic. What should the engineer understand by examining the SNORT logs?

Options

AA remote threat performs an EternalBlue attack on a Windows system on several ports.
BAn inside threat performs an EternalBlue attack on hosts 192.168.2.101 and 192.168.200.10 on
CA remote threat performs an EternalBlue attack on several hosts and different ports.
DAn inside threat performs an EternalBlue attack on a Windows system on port 445.

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#SNORT#IPS/IDS#Network intrusion#EternalBlue exploit#Alert analysis

Full 200-201 Practice Browse All 200-201 Questions