350-401 · Question #728
Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)
The correct answer is B. outbound URL analysis and data transfer controls D. blocking of fileless malware in real time. Endpoint security in the Cisco Threat Defense architecture focuses on controlling outbound data flows and blocking advanced threats like fileless malware directly on the endpoint.
Question
Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)
Options
- Adetect and black ransomware in email attachments
- Boutbound URL analysis and data transfer controls
- Cuser context analysis
- Dblocking of fileless malware in real time
- Ecloud-based analysis of threats
How the community answered
(30 responses)- A3% (1)
- B87% (26)
- C3% (1)
- E7% (2)
Why each option
Endpoint security in the Cisco Threat Defense architecture focuses on controlling outbound data flows and blocking advanced threats like fileless malware directly on the endpoint.
Detecting and blocking ransomware in email attachments is primarily a function of email security gateways, although endpoint protection can provide a last line of defense.
Endpoint security solutions monitor and control data leaving an endpoint, providing capabilities such as outbound URL analysis to prevent access to malicious sites and data transfer controls to prevent data exfiltration.
User context analysis is a broader security capability often integrated across various security layers (e.g., identity, network access control) rather than being a specific, standalone characteristic unique to endpoint security itself.
Advanced endpoint protection platforms (EPP) and endpoint detection and response (EDR) solutions are designed to detect and block sophisticated threats like fileless malware, which operate in memory without leaving traditional file artifacts, in real time on the endpoint.
Cloud-based analysis of threats is a method employed by many modern security solutions (e.g., email, network, endpoint) but is a processing characteristic rather than a unique functional aspect specific to endpoint security.
Concept tested: Cisco Threat Defense Endpoint Security Features
Source: https://www.cisco.com/c/en/us/solutions/security/endpoint-security.html
Topics
Community Discussion
No community discussion yet for this question.