Which of the following statements is true regarding the outbreak control feature of AMP for Endpoints? (Select
the best answer.)
A. It cannot block polymorphic malware.
B. It must wait for a content update before blocking specific files.
C. It cannot whitelist specific applications.
D. It can use application blocking lists to contain compromised applications.
Explanation:
The outbreak control feature of Cisco Advanced Malware Protection (AMP) for Endpoints can use application
blocking lists to contain compromised applications. AMP for Endpoints is a host-based malware detection and
prevention platform that runs on Microsoft Windows, Mac OS X, Linux, and Google Android. Like many other
antimalware packages, AMP for Endpoints monitors network traffic and application behavior to protect a host
from malicious traffic. However, unlike many of its competitors, AMP for Endpoints continues its analysis
after a disposition has been assigned to a file or traffic flow. When malware is detected, the outbreak
control feature of AMP for Endpoints can use application blocking to ensure that a compromised application
is contained and that it does not spread the infection. Outbreak control provides for granular control over
which applications are blocked and can use whitelists to ensure that mission-critical software continues to
run even during an outbreak.
The outbreak feature works in conjunction with the continuous analysis, continuous detection, and retrospective
security features of AMP for Endpoints to quickly contain and control the spread of malware. Once a file or
application has been detected as malicious, the outbreak control feature can use custom detection rules to
quickly block the specific file or application without waiting for a signature file content update. In addition,
custom signatures can be created to detect polymorphic malware, which is malicious software that can evolve
its code or behavior as it propagates.
Cisco: Cisco Advanced Malware Protection Solution Overview
Cisco: Cisco Advanced Malware Protection for Endpoints Data Sheet