Certified Network Defender (CND) — Question 35

Which NIST Incident category includes any activity that seeks to access or identify a federal agency computer, open ports, protocols, service or any combination for later exploit?

Answer options

• A. Malicious code
• B. Scans/ Probes/ Attempted Access
• C. Denial-of-Service
• D. Improper usage

Correct answer: B

Explanation

The correct answer is B, as this category specifically refers to activities that involve scanning or probing systems in order to identify vulnerabilities for potential exploitation. Options A, C, and D refer to different types of incidents: A involves harmful software, C pertains to attacks that disrupt services, and D relates to misuse of resources rather than probing for vulnerabilities.