A. detect and block ransomware in email attachments - ESA
B. outbound URL analysis and data transfer controls - FirePOWER & FireSIGHT
C. user context analysis - NetFlow & StealthWatch
D. blocking of fileless malware in real time - AMP for Endpoints (one of the features of AMP - "The exploit prevention feature will defend endpoints from exploit-based, memory injection attacks." - where fileless malware is malicious code that works directly within a computer's memory.
https://www.cisco.com/c/dam/en/us/td/docs/security/network_security/ctd/ctd2-0/design_guides/ctd_2-0_cvd_guide_jul15.pdf
https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/datasheet-c78-733181.html
Cisco AMP for Endpoints provides file-matching analysis to identify suspicious files when they are
transferred onto an endpoint. AMP can provide automated blocking of suspicious files as well as the
ability to track the spread of a file throughout the network using a feature known as File Trajectory
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.350-401 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Horsefeathers
Highly Voted 1 year, 4 months agochiacche
Most Recent 7 months, 2 weeks ago[Removed]
10 months, 4 weeks ago[Removed]
11 months, 2 weeks agosupershysherlock
1 year, 1 month agoteems5uk
1 year, 3 months agoFanny1493
1 year, 5 months agoCalinserban
1 year, 5 months ago