An engineer must configure Cisco AMP for Endpoints so that it contains a list of files that should not be executed by users. These files must not be quarantined. Which action meets this configuration requirement?
Hmm, I'm not sure. B and C both sound plausible, but I feel like there might be a simpler solution. What about D - adding a list for simple custom detection? That could be a more straightforward way to achieve the same goal.
Ooh, good catch on the quarantining part. I was also thinking C, but now I'm reconsidering. What about B - modifying the advanced custom detection list? That seems like it might do the trick without the extra step of creating a blocked applications list.
You're right, option A doesn't seem to be the answer. I'm leaning towards C - creating an application control blocked applications list. That way, the files won't be executed without being quarantined, which is what the question is asking for.
Hmm, this seems like a tricky one. I'm not too familiar with Cisco AMP for Endpoints, but I think the key here is to not quarantine the files. That rules out option A, since that's about blocking network IPs, not specific files.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Deeann
7 days agoColton
8 days agoAltha
9 days agoBlondell
10 days ago