Which tools are used to analyze Endpoints for AMP file activity performed on endpoints?
A . File Trajectory
B . Device Trajectory
C . File Analysis
D . Prevalence
Answer: C
Explanation:
Cisco AMP for Endpoints File Analysis (Figure 4), backed by the Talos Security Intelligence and Research Group and powered by AMP’s built-in sandboxing technology (Threat Grid), provides a safe, highly secure sandbox environment for you to analyze the behavior of malware and suspect files. File analysis produces detailed information on file behavior, including the severity of behaviors, the original filename, screenshots of the malware executing, and sample packet captures.
Armed with this information, you’ll have a better understanding of what is necessary to contain the outbreak and block future attacks.
https://www.cisco.com/c/en/us/products/collateral/security/fireamp-endpoints/datasheet-c78-733181.html
Leave a Reply