Cisco Exam 300-710 Topic 3 Question 97 Discussion

Actual exam question for Cisco's 300-710 exam

Question #: 97
Topic #: 3

An organization created a custom application that is being flagged by Cisco Secure Endpoint. The application must be exempt from being flagged. What is the process to meet the requirement?

AModify the custom detection list to exclude me custom application.

BPreculculate the hash value of the custom application and add it to the allowed applications.

CConfigure the custom application to use the information-store paths.

DAdd the custom application to the DFC 1st and update the policy.

Show Suggested Answer

Suggested Answer: B

To exempt a custom application from being flagged by Cisco Secure Endpoint, the organization must precalculate the hash value of the custom application and add it to the allowed applications list. This process involves creating a hash of the executable file, which uniquely identifies it, and then configuring Cisco Secure Endpoint to recognize this hash as trusted.

Steps:

Calculate the hash value (e.g., SHA-256) of the custom application executable.

In the Cisco Secure Endpoint management console, navigate to the policy configuration.

Add the calculated hash value to the list of allowed applications or exclusions.

Save and deploy the updated policy.

By adding the hash value to the allowed applications, Cisco Secure Endpoint will recognize the custom application as trusted and will no longer flag it.

by Elke at Sep 19, 2024, 05:15 PM

Limited Time Offer

25%

25 days ago

I think the answer is A) Modify the custom detection list to exclude the custom application.

upvoted 0 times

...