ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-201 All Questions

View all questions & answers for the 200-201 exam
Go to Exam

Exam 200-201 topic 1 question 256 discussion

Actual exam question from Cisco's 200-201
Question #: 256
Topic #: 1
[All 200-201 Questions]

What is the difference between indicator of attack (IoA) and indicators of compromise (IoC)?

  • A. IoA refers to the individual responsible for the security breach, and IoC refers to the resulting loss.
  • B. IoA is the evidence that a security breach has occurred, and IoC allows organizations to act before the vulnerability can be exploited.
  • C. IoC refers to the individual responsible for the security breach, and IoA refers to the resulting loss.
  • D. IoC is the evidence that a security breach has occurred, and IoA allows organizations to act before the vulnerability can be exploited.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by cy_analyst at Oct. 13, 2022, 9:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SecurityGuy
8 months, 1 week ago
Selected Answer: D
IoC = Evidence of an attack that happened. IoA = Indicators that an attack will or can happen. IoA Digital or physical evidence of a cyberattacker's intent to attack. IOA detection focuses specifically on an adversary's motive rather than specific tools or methods used. https://www.strongdm.com/what-is/indicator-of-attack-ioa-security#:~:text=An%20indicator%20of%20attack%20(IOA,specific%20tools%20or%20methods%20used.
upvoted 3 times
...
Swordfishtaco
10 months ago
Selected Answer: D
IOCs are artifacts that suggest a system has been breached, while IOAs are patterns of behavior that indicate an attack is underway
upvoted 2 times
...
mozaki
1 year, 1 month ago
Selected Answer: D
the answer is D This is correct because an Indicator of Compromise (IoC) is a sign that a system or network has already been compromised, and is used to determine if an attack has already occurred and to identify the scope of the compromise. An Indicator of Attack (IoA), on the other hand, is a signal or pattern that suggests an attack is currently underway or about to occur, and is used to detect and respond to an attack in progress.
upvoted 3 times
...
sman22
1 year, 2 months ago
Fo my is right D. I think that IoC is the evidence that a security breach has occurred. and IoA permit prepare for future methods of attack.
upvoted 2 times
...
drdecker100
1 year, 2 months ago
Answer: D This is correct because an Indicator of Compromise (IoC) is a sign that a system or network has already been compromised, and is used to determine if an attack has already occurred and to identify the scope of the compromise. An Indicator of Attack (IoA), on the other hand, is a signal or pattern that suggests an attack is currently underway or about to occur, and is used to detect and respond to an attack in progress.
upvoted 3 times
...
cy_analyst
1 year, 6 months ago
Selected Answer: B
I think clearly B --> IoA is the evidence that a security breach has occurred, and IoC allows organizations to act before the vulnerability can be exploited
upvoted 1 times
cy_analyst
1 year, 6 months ago
D is the right answer.
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago