200-201 Question #59: Real Exam Question with Answer & Explanation

Sign in or unlock 200-201 to reveal the answer and full explanation for question #59. The question stem and answer options stay visible for context.

Submitted by weili_xi· Mar 6, 2026Host-Based Analysis

Question

An engineer runs a suspicious file in a sandbox analysis tool to see the outcome. The analysis report shows that outbound callouts were made post infection. Which two pieces of information from the analysis report are needed to investigate the callouts? (Choose two.)

Options

Asignatures
Bhost IP addresses
Cfile size
Ddropped files
Edomain names

Unlock 200-201 to see the answer

You've previewed enough free 200-201 questions. Unlock 200-201 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock 200-201 - $49.99 / 30 days Sign in

Topics

#malware analysis#sandbox analysis#network forensics#C2 communication

Full 200-201 Practice Browse All 200-201 Questions