ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-701 All Questions

View all questions & answers for the 350-701 exam
Go to Exam

Exam 350-701 topic 1 question 387 discussion

Actual exam question from Cisco's 350-701
Question #: 387
Topic #: 1
[All 350-701 Questions]

Which endpoint protection and detection feature performs correlation of telemetry, files, and intrusion events that are flagged as possible active breaches?

  • A. elastic search
  • B. file trajectory
  • C. indication of compromise
  • D. retrospective detection
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/enterprise-networks/advanced-malware-protection/solution-overview-c22-734228.html
by azertyu at Feb. 1, 2023, 9:12 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Cokamaniako
10 months, 2 weeks ago
Aswer C https://media.zones.com/images/pdf/cisco-amp-for-endpoints-at-a-glance.pdf
upvoted 1 times
...
azertyu
1 year, 3 months ago
Indications of compromise File, telemetry, and intrusion events are correlated and prioritized as potentially active breaches, helping security teams to rapidly identify malware incidents and connect them to coordinated attacks.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel