200-201 · Question #378
200-201 Question #378: Real Exam Question with Answer & Explanation
The correct answer is C: items before being established as harmful or malicious. A greylist in endpoint applications refers to a list of items that are not yet classified as either good (whitelisted) or bad (blacklisted). The primary function of a greylist is to hold applications, processes, or files that are under observation due to their unknown status. The
Question
For which items is an end-point application greylist used?
Options
- Aitems that have been installed with a baseline
- Bitems that have been established as malicious
- Citems before being established as harmful or malicious
- Ditems that have been established as authorized
Explanation
A greylist in endpoint applications refers to a list of items that are not yet classified as either good (whitelisted) or bad (blacklisted). The primary function of a greylist is to hold applications, processes, or files that are under observation due to their unknown status. These items are neither trusted nor immediately flagged as harmful, allowing security teams to monitor them closely for any suspicious behavior. By placing items on a greylist, security operations can prevent potential threats without disrupting legitimate processes, awaiting further analysis to determine their true nature.
Topics
Community Discussion
No community discussion yet for this question.