300-710 Question #109: Real Exam Question with Answer & Explanation
The correct answer is C: Dynamic analysis.
Question
A network administrator is seeing an unknown verdict for a file detected by Cisco FTD. Which malware policy configuration option must be selected in order to further analyse the file in the Talos cloud?
Options
- A. Spero analysis
- B. Malware analysis
- C. Dynamic analysis
- D. Sandbox analysis
Explanation
When Cisco FTD returns an 'Unknown' verdict for a file, it means the local file analysis (such as SHA-256 cloud lookup or SPERO fingerprinting) could not make a definitive determination. To further analyze the file, 'Dynamic Analysis' must be enabled in the malware policy. This option submits the file to the Cisco Talos cloud sandbox (Threat Grid), where it is executed in a controlled environment to observe its behavior and return a definitive verdict.

Option A (SPERO analysis) is a local machine-learning-based pre-classification that runs before cloud lookup and does not send the file to the cloud. Option B 'Malware analysis' and Option D 'Sandbox analysis' are not the correct FMC UI terminology for this feature.