nerdexam
Cisco

350-401 · Question #728

Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)

The correct answer is B. outbound URL analysis and data transfer controls D. blocking of fileless malware in real time. Endpoint security in the Cisco Threat Defense architecture focuses on controlling outbound data flows and blocking advanced threats like fileless malware directly on the endpoint.

Submitted by viktor_hu· Mar 6, 2026Security

Question

Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)

Options

  • Adetect and black ransomware in email attachments
  • Boutbound URL analysis and data transfer controls
  • Cuser context analysis
  • Dblocking of fileless malware in real time
  • Ecloud-based analysis of threats

How the community answered

(30 responses)
  • A
    3% (1)
  • B
    87% (26)
  • C
    3% (1)
  • E
    7% (2)

Why each option

Endpoint security in the Cisco Threat Defense architecture focuses on controlling outbound data flows and blocking advanced threats like fileless malware directly on the endpoint.

Adetect and black ransomware in email attachments

Detecting and blocking ransomware in email attachments is primarily a function of email security gateways, although endpoint protection can provide a last line of defense.

Boutbound URL analysis and data transfer controlsCorrect

Endpoint security solutions monitor and control data leaving an endpoint, providing capabilities such as outbound URL analysis to prevent access to malicious sites and data transfer controls to prevent data exfiltration.

Cuser context analysis

User context analysis is a broader security capability often integrated across various security layers (e.g., identity, network access control) rather than being a specific, standalone characteristic unique to endpoint security itself.

Dblocking of fileless malware in real timeCorrect

Advanced endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions are designed to detect and block sophisticated threats like fileless malware, which operate in memory without leaving traditional file artifacts, in real time on the endpoint.

Ecloud-based analysis of threats

Cloud-based analysis of threats is a method employed by many modern security solutions (e.g., email, network, endpoint) but is a processing characteristic rather than a unique functional aspect specific to endpoint security.

Concept tested: Cisco Threat Defense Endpoint Security Features

Source: https://www.cisco.com/c/en/us/solutions/security/endpoint-security.html

Topics

#Cisco Threat Defense#Endpoint protection#Fileless malware blocking#Data transfer controls

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice