Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← 200-201 Practice Hub

200-201 • Practice Test 37

200-201 Practice Test 37 — 15 Questions

Free 200-201 practice test — 15 questions with explanations. Set 37. No signup required.

15
Questions
Free
No signup
Certifications/200-201/Practice Test/Set 37
Question 1 of 150 answered
easy

You are a SOC analyst at a medium-sized enterprise. The company uses a SIEM that collects logs from firewalls, endpoints, and Active Directory. At 2:00 AM, the SIEM generates a high-priority alert: 'Multiple Failed Logins for Administrator Account from Remote IP 198.51.100.20'. The analyst on the night shift reviews the alert and sees that there were 50 failed attempts in 10 minutes, followed by a successful login at 2:12 AM. The successful login originated from the same IP. The account is a domain administrator. The analyst checks the firewall logs and sees that the IP is from a known VPN provider. The analyst also checks the endpoint logs and sees that no unusual activity has occurred after the login. The company has a policy that remote administration is allowed only from a specific jump server with IP 203.0.113.10. The analyst suspects a brute-force attack succeeded. What should the analyst do first?

Scored session

Track progress, bookmark weak spots, and get readiness analysis.

Start full session

Practice tests

Scored 10-question sessions with instant feedback and explanations.

200-201 Practice Test 1 — 10 Questions→200-201 Practice Test 2 — 10 Questions→200-201 Practice Test 3 — 10 Questions→200-201 Practice Test 4 — 10 Questions→200-201 Practice Test 5 — 10 Questions→200-201 Practice Exam 1 — 20 Questions→200-201 Practice Exam 2 — 20 Questions→200-201 Practice Exam 3 — 20 Questions→200-201 Practice Exam 4 — 20 Questions→Free 200-201 Practice Test 1 — 30 Questions→Free 200-201 Practice Test 2 — 30 Questions→Free 200-201 Practice Test 3 — 30 Questions→200-201 Practice Questions 1 — 50 Questions→200-201 Practice Questions 2 — 50 Questions→200-201 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Security Policies and ProceduresSecurity ConceptsSecurity MonitoringHost-Based AnalysisNetwork Intrusion Analysis

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

200-201 Practice HubSecurity Policies and ProceduresSecurity ConceptsSecurity MonitoringHost-Based Analysis