700-765 · Question #177
How do AMP file trajectory capabilities help customers deal with malware?
The correct answer is A. tracks suspicious fie across the network to determine the scope of an outbreak. AMP file trajectory tracks the movement and spread of a suspicious file across the network after it has been detected, enabling analysts to determine the full scope of a malware outbreak.
Question
How do AMP file trajectory capabilities help customers deal with malware?
Options
- Atracks suspicious fie across the network to determine the scope of an outbreak
- Bregulates device access to malicious files on the network
- Celiminates malicious files from company and personal devices
- Dtracks a file before it enters the network
How the community answered
(44 responses)- A80% (35)
- B2% (1)
- C14% (6)
- D5% (2)
Why each option
AMP file trajectory tracks the movement and spread of a suspicious file across the network after it has been detected, enabling analysts to determine the full scope of a malware outbreak.
File trajectory is a specific AMP capability that maps the complete communication path of a file across hosts and network devices over time, showing where it originated, which endpoints it reached, and when those transfers occurred. This gives security teams full visibility into the blast radius of an infection so they can prioritize and scope remediation efforts accurately. It is a post-detection investigative tool focused on outbreak scope, not prevention.
Regulating device access to malicious files is a network access control function associated with Identity Services Engine (ISE), not a capability of AMP file trajectory.
Eliminating malicious files from devices describes AMP's retrospective quarantine and remediation capabilities, which are distinct from the trajectory feature that only tracks and maps file movement.
Tracking a file before it enters the network describes a pre-execution or threat intelligence function, whereas file trajectory specifically operates after a file has already traversed the network.
Concept tested: Cisco AMP file trajectory for malware outbreak scoping
Source: https://www.cisco.com/c/en/us/td/docs/security/amp/user-guide/ug-amp-endpoints.html
Topics
Community Discussion
No community discussion yet for this question.