Which characteristic applies to the endpoint security aspect of the Cisco Threat Defense architecture?
The endpoint security aspect of the Cisco Threat Defense architecture includes blocking of fileless malware in real time. Fileless malware works directly within a computer's memory, and endpoint security solutions like Cisco's AMP (Advanced Malware Protection) for Endpoints are designed to defend against such threats through exploit prevention features. These capabilities allow real-time blocking of malicious activities that do not involve traditional file-based approaches.
A. detect and block ransomware in email attachments - ESA
B. outbound URL analysis and data transfer controls - FirePOWER & FireSIGHT
C. user context analysis - NetFlow & StealthWatch
D. blocking of fileless malware in real time - AMP for Endpoints (one of the features of AMP - "The exploit prevention feature will defend endpoints from exploit-based, memory injection attacks." - where fileless malware is malicious code that works directly within a computer's memory.)
https://www.cisco.com/c/dam/en/us/td/docs/security/network_security/ctd/ctd2-0/design_guides/ctd_2-0_cvd_guide_jul15.pdf
https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/datasheet-c78-733181.html
Given answer is correct
D is the correct answer.
I think the correct answer is C https://www.cisco.com/c/dam/en/us/td/docs/security/network_security/ctd/ctd2-0/design_guides/ctd_2-0_cvd_guide_jul15.pdf
D is correct
D is correct
Cisco AMP for Endpoints provides file-matching analysis to identify suspicious files when they are transferred onto an endpoint. AMP can provide automated blocking of suspicious files as well as the ability to track the spread of a file throughout the network using a feature known as File Trajectory.