Cisco Exam 300-710 Topic 3 Question 97 Discussion

Actual exam question for Cisco's 300-710 exam

Question #: 97
Topic #: 3

An organization created a custom application that is being flagged by Cisco Secure Endpoint. The application must be exempt from being flagged. What is the process to meet the requirement?

AModify the custom detection list to exclude me custom application.

BPreculculate the hash value of the custom application and add it to the allowed applications.

CConfigure the custom application to use the information-store paths.

DAdd the custom application to the DFC 1st and update the policy.

Show Suggested Answer

Suggested Answer: B

To exempt a custom application from being flagged by Cisco Secure Endpoint, the organization must precalculate the hash value of the custom application and add it to the allowed applications list. This process involves creating a hash of the executable file, which uniquely identifies it, and then configuring Cisco Secure Endpoint to recognize this hash as trusted.

Steps:

Calculate the hash value (e.g., SHA-256) of the custom application executable.

In the Cisco Secure Endpoint management console, navigate to the policy configuration.

Add the calculated hash value to the list of allowed applications or exclusions.

Save and deploy the updated policy.

By adding the hash value to the allowed applications, Cisco Secure Endpoint will recognize the custom application as trusted and will no longer flag it.

by Elke at Sep 19, 2024, 05:15 PM

Limited Time Offer

25%

Off

Get Premium 300-710 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rosamond

2 months ago

I'm going with B. Seems like the most reliable way to handle this without any potential side effects. Although, I do wonder if Cisco Secure Endpoint has a sense of humor...

upvoted 0 times

Tess

29 days ago

User1: I wonder if Cisco Secure Endpoint has a sense of humor though.

upvoted 0 times

...

Alana

1 months ago

Yeah, I agree. It's better to precalculate the hash value of the custom application.

upvoted 0 times

...

Elroy

2 months ago

I think B is the best option too. It's a reliable way to handle it.

upvoted 0 times

...

Theola

2 months ago

Haha, I bet the developer of this custom app is just hoping it doesn't get flagged at all. Maybe they should have named it 'Cisco Approved' instead of 'Custom Application'.

upvoted 0 times

...

Dorothy

2 months ago

Wait, what's DFC 1st? I've never heard of that before. Option D sounds a bit sketchy to me.

upvoted 0 times

Cary

1 months ago

Georgiana: That makes sense. I'll go with option A then. Thanks for the help!

upvoted 0 times

...

Georgiana

2 months ago

Kenneth: I think option A is the best choice. Modifying the custom detection list to exclude the custom application seems like the safest bet.

upvoted 0 times

...

Kenneth

2 months ago

Oh, I see. Thanks for clarifying that. So, what do you think is the best option to exempt the custom application?

upvoted 0 times

...

Della

2 months ago

DFC 1st stands for Dynamic File Classification 1st. It's a feature in Cisco Secure Endpoint.

upvoted 0 times

...

Cordelia

3 months ago

Hmm, I'm not sure. But I like the idea of using the information-store paths in option C. It seems like a more proactive approach than just modifying the detection list.

upvoted 0 times

...

Elbert

3 months ago

I think the answer is B. Precomputing the hash value and adding it to the allowed applications sounds like the most straightforward way to exempt the custom application from being flagged.

upvoted 0 times