Which two statement about the Cisco FireAMP solution are true?

Which two statement about the Cisco FireAMP solution are true?(Choose two)
A. It can perform dynamic analysis in the FireAMP Private Cloud
B. The Fire AMP Connector can detect malware in network traffic and when files are downloaded and executed
C. The FireAMP Private Cloud provides an on premises option for file disposition lookups and retrospective event generation
D. The FireAMP connector is compatible with antivirus software on the endpoint, but you must configure an exclusion to prevent the Connector from scanning the antivirus directory
E. The FireAMP Connector can provide information about potentially malicious network connections
F. The FireAMP Private cloud can act as an anonymized proxy to transport endpoint event data to the AMP public cloud for disposition lookups
G. When a FireAMP Connector detecs malware in network traffic it generates a malware event and a network event

cisco-exams

3 thoughts on “Which two statement about the Cisco FireAMP solution are true?

  1. B and C

    https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/datasheet-c78-733181.html

    Malicious activity protection: AMP for Endpoints continually monitors all endpoint activity and provides run-time detection and blocking of abnormal behavior of a running program on the endpoint. For example, when endpoint behavior indicates ransomware, the offending processes are terminated, preventing endpoint encryption and stopping the attack.

    Cognitive intelligence: AMP for Endpoints performs agentless detections when deployed alongside a compatible web proxy through cognitive intelligence. This uses machine learning and artificial intelligence to correlate traffic generated by users to reliably identify command and control traffic, data exfiltration, and possibly unwanted applications already operating in the environment.

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.