200-201 · Question #546
200-201 Question #546: Real Exam Question with Answer & Explanation
Sign in or unlock 200-201 to reveal the answer and full explanation for question #546. The question stem and answer options stay visible for context.
Question
An engineer is examining a particular network traffic sample from multiple sources aggregated into an alert via the company SIEM. These observations are noted within said alert: an increase in outbound traffic volume at 2 AM, multiple admin account sign-ins from geographically disparate locations, a series of encrypted file uploads to a recently blacklisted domain, and alert triggers from the DLP for unauthorized file types. What is occurring?
Options
- AA security breach is occurring that involves potential data exfiltration through unauthorized and
- BAn administrator is conducting system updates and testing encryption protocols during off hours.
- CEmployees from global offices are collaborating on a project that requires extensive file sharing
- DDisaster recovery plans are being activated, involving data replication to an offsite location for
Unlock 200-201 to see the answer
You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.