Exam 350-401 topic 1 question 298 discussion

I would in favor of C, E : https://www.cisco.com/c/dam/en/us/products/collateral/security/amp-for-endpoints/c11-742008-00-cisco-amp-for-endpoints-wp-v2a.pdf

The correct answer is: C. Microsoft Word macro attack E. ransomware

C and E are correct: when you see AMP4E aka Advanced malware protection for endpoints, think of the end devices directly something that could happen on the PC directly for example. like in this case you get a word document with macro in it, or run a file that contains ransomware. DDos mainly targets your network accessibility and you can't prevent it directly from the endpoint email phishing is related to user awareness and can pe prevented by the firewall for example SQL injection as I know attacks the database backend not endpoints and preventing it has nothing to do with the endpoint where the database is, it should be protected within the code

why is finding cisco documentation like pulling teeth? thank you all for posting links, it really helps me save time by not going on a freaking quest.

Email phishing (A) is more in the realm of WSA/ESA

protecting email should be the scope of ESA, macro attack and ransomware typically happens on endpoint.

As stated by others, these are the only endpoint attacks, the email security stuff covers A

Both A & C are endpoint attacks.

Yes, Word macros and ransomwawre.

I would go with CE, as both are things that happen locally on the endpoint. Email phishing (A) is more in the realm of WSA/ESA.

Provided answer is correct

C and E would be Ok. (macro eq script) https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/datasheet-c78-733181.html