Cisco Exam 350-701 Topic 12 Question 76 Discussion

Actual exam question for Cisco's 350-701 exam

Question #: 76
Topic #: 12

An engineer must configure Cisco AMP for Endpoints so that it contains a list of files that should not be executed by users. These files must not be quarantined. Which action meets this configuration requirement?

AIdentity the network IPs and place them in a blocked list.

BModify the advanced custom detection list to include these files.

CCreate an application control blocked applications list.

DAdd a list for simple custom detection.

Show Suggested Answer

Suggested Answer: C

by Ceola at Oct 18, 2023, 10:40 AM

Limited Time Offer

25%

Off

Get Premium 350-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Deeann

6 months ago

Hmm, I'm not sure. B and C both sound plausible, but I feel like there might be a simpler solution. What about D - adding a list for simple custom detection? That could be a more straightforward way to achieve the same goal.

upvoted 0 times

...

Colton

6 months ago

Ooh, good catch on the quarantining part. I was also thinking C, but now I'm reconsidering. What about B - modifying the advanced custom detection list? That seems like it might do the trick without the extra step of creating a blocked applications list.

upvoted 0 times

...

Altha

6 months ago

You're right, option A doesn't seem to be the answer. I'm leaning towards C - creating an application control blocked applications list. That way, the files won't be executed without being quarantined, which is what the question is asking for.

upvoted 0 times

...

Blondell

6 months ago

Hmm, this seems like a tricky one. I'm not too familiar with Cisco AMP for Endpoints, but I think the key here is to not quarantine the files. That rules out option A, since that's about blocking network IPs, not specific files.

upvoted 0 times

...