200-201 • Timed Practice Test 5
This is a timed practice session. You have 10 minutes to answer 10 questions — approximately 1 minute per question, matching real 200-201 exam pace. Answer every question before time expires.
Time remaining
10:00
Exam-pace drill
Allow 1 minute per question. On the real 200-201 exam you have approximately 72 seconds per question — this session trains you to maintain that pace under pressure.
A SOC analyst is tuning an IPS rule that detects SQL injection attempts. The rule currently generates a high number of alerts, most of which are false positives caused by legitimate web application traffic containing SQL-like keywords. The analyst wants to reduce false positives without missing actual attacks. Which approach is most effective?