What is meant by simple custom detection?

With Cisco AMP for Endpoints, what is meant by simple custom detection?


A. It is a rule for identifying a file that should be whitelisted by Cisco AMP.
B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.
C. It is a feature for configuring a personal firewall.
D. It is a method for identifying and quarantining a set of files by regular expression language.





Kim


B. It is a method for identifying and quarantining a specific file by its SHA-256 hash.

“A Simple Custom Detection list is similar to a blacklist. These are files that you want to detect and quarantine […] You can add a single SHA-256 and create a note about the file.”
(AMP for Endpoints user guide)

rs


B is correct; simple custom detection is a blacklist.

Ibrahim


I think the dumps are very good for people who do not have much time for their Cisco 300-210 exam preparation. You can easily pass the exam only by memorizing the exam questions. Believe it or not, I did so and I passed my 300-210 exam:

QUESTION 1
Which type of server is required to communicate with a third-party DLP solution?

A. an ICAP-capable proxy server
B. a PKI certificate server
C. an HTTP server
D. an HTTPS server

Answer: A

QUESTION 2
Which detection method is also known as machine learning on Network-based Cisco Advanced Malware Protection?

A. custom file detection
B. hashing
C. Spero engine
D. dynamic analysis

Answer: B

QUESTION 3
Which policy is used to capture host information on the Cisco Next Generation Intrusion Prevention System?

A. network discovery
B. correlation
C. intrusion
D. access control

Answer: C

QUESTION 4
With Cisco FirePOWER Threat Defense software, which interface mode do you configure for an IPS deployment, where traffic passes through the appliance but does not require VLAN rewriting?

A. inline set
B. passive
C. inline tap
D. routed
E. transparent

Answer: D

QUESTION 5
How does the WSA policy trace tool make a request to the Proxy to emulate a client request?

A. explicitly
B. transparently
C. via WCCP
D. via policy-based routing

Answer: C

QUESTION 6
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?

A. vulnerable software
B. file analysis
C. detections
D. prevalence
E. threat root cause

Answer: B

QUESTION 7
……

More questions are on my blog: http://www.freebraindump.com/?s=300-210
Hope it can help you a lot!