CiscoCisco
200-201 · Question #559
200-201 Question #559: Real Exam Question with Answer & Explanation
Sign in or unlock 200-201 to reveal the answer and full explanation for question #559. The question stem and answer options stay visible for context.
Submitted by devops_kid· Mar 6, 2026Host-Based Analysis
Question
Refer to the exhibit. A SOC engineer is analyzing this Cuckoo Sandbox report for a file that has been identified as suspicious by the endpoint security system. What is the state of the file?
Options
- AThe file was detected as an executable binary file, but no suspicious activity was detected and it is
- BThe file was detected as executable and was marked by the SSDeep hashing algorithm as
- CThe file was identified as PE32 executable with a high level of entropy to bypass AV via
- DThe file identified as an executable binary for Microsoft Word with macros creating hidden process
Unlock 200-201 to see the answer
You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Cuckoo Sandbox#malware analysis#file entropy#AV evasion