Which features does Cisco EDR use to provide threat detection and response protection?
Cisco Endpoint Detection and Response (EDR) utilizes features like containment, threat intelligence, and machine learning to provide threat detection and response protection. Containment helps in isolating threats, threat intelligence offers information on emerging threats, and machine learning aids in analyzing and identifying potential threats based on patterns and behaviors.
Zero mention of this in OCG. I'm beginning to think that 25%-50% of these questions aren't covered in the official materials.
The book seems to cover about 60% of the exam questions that I have seen, but not in the detail of some of these questions.
To me it looks like A is the right choice. https://www.cisco.com/c/en/us/products/security/endpoint-security/what-is-endpoint-detection-response-edr-medr.html#~edr-capabilities
Is Cisco EDR really in the scope of EN-COR? I think this is more of an S-COR question.
This is a brain dump from 350-401, is it not? So someone actually saw this question on the exam?
A is correct. https://www.cisco.com/c/dam/en/us/products/collateral/security/mdr-for-cisco-secure-endpoint.pdf
This product is formally called AMP4E
EDR in the context of Cisco typically refers to Endpoint Detection and Response. It is a cybersecurity solution designed to detect, investigate, and respond to threats on endpoints like laptops, desktops, and servers. Cisco's EDR capabilities are part of its broader security platform, often integrated into Cisco Secure Endpoint (formerly known as Cisco AMP4E). Key Features of Cisco EDR: Threat Detection - Incident Investigation - Automated Response - Threat Hunting - Integration
A is correct