700-765 Question #132: Real Exam Question with Answer & Explanation
The correct answer is D: It determines the scope and cause of an outbreak and tracks suspicious files. Cisco AMP's Device Trajectory feature helps with breach remediation by identifying the scope of an outbreak and tracking how suspicious files moved across a device over time.
Question
How do AMP's device trajectory capabilities help address customers' breach remediation issues?
Options
- A. It tracks file behavior across the network to see which devices it enters and exits
- B. It analyzes the data from suspicious files to provide a new level of threat intelligence
- C. It searches for potential threats based on identified activities and behaviors
- D. It determines the scope and cause of an outbreak and tracks suspicious files
Explanation
Cisco AMP's Device Trajectory feature helps with breach remediation by identifying the scope of an outbreak and tracking how suspicious files moved across a device over time.
Common mistakes.
- A. Tracking files as they enter and exit multiple devices across the network describes AMP's File Trajectory feature, not Device Trajectory, which is scoped to a single device's activity timeline.
- B. Analyzing suspicious file data to produce new threat intelligence is a function of AMP's cloud threat intelligence engine and ThreatGrid integration, not Device Trajectory.
- C. Searching for threats based on identified behaviors describes AMP's retrospective security and Indicators of Compromise (IoC) scanning capabilities, not the specific purpose of Device Trajectory.
Concept tested. Cisco AMP Device Trajectory breach remediation function
Reference. https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html