350-701 Question #15: Real Exam Question with Answer & Explanation

Question

An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware. Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

Options

• AConfigure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before
• BSet up a profiling policy in Cisco Identity Service Engine to check and endpoint patch level before
• CConfigure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level
• DConfigure endpoint firewall policies to stop the exploit traffic from being allowed to run and
• ESet up a well-defined endpoint patching strategy to ensure that endpoints have critical

Explanation

Cisco ISE posture policies can check for and enforce the installation of critical patches like MS17-010 to mitigate ransomware vulnerabilities.

Common mistakes.

• B. Profiling in Cisco ISE identifies and categorizes endpoints based on various attributes but is not used to check for specific patch levels or to initiate patch installation for posture compliance.
• D. While endpoint firewall policies can help prevent the spread or execution of exploit traffic post-compromise, they do not directly address or remediate the root vulnerability of a missing patch.
• E. Setting up a well-defined endpoint patching strategy is a good overall practice but does not represent a specific, immediate technical solution using Cisco products to mitigate the discovered vulnerability as the other options do.

Concept tested. Cisco ISE Posture Remediation (Patch Management)

Reference. https://www.cisco.com/c/en/us/td/docs/security/ise/2-7/admin_guide/b_ISE_admin_guide_27/b_ISE_admin_guide_27_chapter_0100.html

No community discussion yet for this question.