Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Cisco
  4. CyberOps Associate
  5. 200-201 Discussions
  6. 200-201 Exam Topic 4 Question 37 Discussion
 Cisco Discussions
Exam 200-201 All Questions
Exam 200-201 All Questions

View all questions & answers for the 200-201 exam

Go to Exam

Cisco CyberOps Associate 200-201 Question # 37 Topic 4 Discussion

200-201 Exam Topic 4 Question 37 Discussion:
Question #: 37
Topic #: 4

An engineer is working on a ticket for an incident from the incident management team A week ago. an external web application was targeted by a DDoS attack Server resources were exhausted and after two hours it crashed. An engineer was able to identify the attacker and technique used Three hours after the attack, the server was restored and the engineer recommended implementing mitigation by Blackhole filtering and transferred the incident ticket back to the IR team According to NIST SP800-61, at which phase of the incident response did the engineer finish work?
A.

preparation

B.

post-incident activity

C.

containment eradication and recovery

D.

detection and analysis

Get Premium 200-201 Questions
Actual exam question for Cisco 200-201 exam by Storm56851 at Apr 30, 2026, 3:06:43 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit