ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-710 All Questions

View all questions & answers for the 300-710 exam
Go to Exam

Exam 300-710 topic 1 question 133 discussion

Actual exam question from Cisco's 300-710
Question #: 133
Topic #: 1
[All 300-710 Questions]

A network administrator discovers that a user connected to a file server and downloaded a malware file. The Cisco FMC generated an alert for the malware event, however the user still remained connected. Which Cisco AMP file rule action within the Cisco FMC must be set to resolve this issue?

  • A. Malware Cloud Lookup
  • B. Reset Connection
  • C. Detect Files
  • D. Local Malware Analysis
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by kakakayayaya at June 4, 2021, 6:02 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Bobster02
Highly Voted 3 years, 7 months ago
Reset Connection indeed.
upvoted 12 times
...
Heorhiiyatskovskyi
Highly Voted 3 years, 5 months ago
Cisco recommends that you enable Reset Connection for the Block Files and Block Malware actions to prevent blocked application sessions from remaining open until the TCP connection resets. If you do not reset connections, the client session will remain open until the TCP connection resets itself. Answer - Reset connection
upvoted 9 times
...
bds90
Most Recent 1 year ago
Selected Answer: B
Action Resets Connection? Block Files yes (recommended) Block Malware yes (recommended) Detect Files no Malware Cloud Lookup no
upvoted 1 times
...
z6st2a1jv
1 year, 2 months ago
Selected Answer: B
It cannot be A: Malware Cloud Lookup: This action queries the AMP cloud to determine if files traversing your network contain malware. It allows you to obtain and log the file’s disposition based on its SHA-256 hash value. However, it allows the file through regardless of the disposition
upvoted 1 times
...
Cokamaniako
1 year, 9 months ago
Selected Answer: B
"Cisco recommends that you enable Reset Connection for the Block Files and Block Malware actions to prevent blocked application sessions from remaining open until the TCP connection resets. If you do not reset connections, the client session will remain open until the TCP connection resets itself. " https://www.examtopics.com/discussions/cisco/view/54536-exam-300-710-topic-1-question-133-discussion/
upvoted 2 times
...
saad_SEIU
1 year, 9 months ago
it is A, The question is (Which Cisco AMP file rule action within the Cisco FMC must be set to resolve this issue?) there is no Reset Connection option.
upvoted 1 times
...
xziomal9
2 years, 7 months ago
Selected Answer: B
Correct answer is: B
upvoted 2 times
...
trickbot
2 years, 11 months ago
Selected Answer: B
What they said
upvoted 1 times
...
liqucika
3 years ago
Selected Answer: B
Reset connection
upvoted 1 times
...
Sarbi
3 years, 4 months ago
It is understood should be reset connection.
upvoted 3 times
...
kakakayayaya
3 years, 8 months ago
Reset Connection
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel