SNCF — Securing Networks with Firepower — Question 103

A security engineer is configuring a remote Cisco FTD that has limited resources and internet bandwidth. Which malware action and protection option should be configured to reduce the requirement for cloud lookups?

Answer options

• A. Block File action and local malware analysis
• B. Malware Cloud Lookup and dynamic analysis
• C. Block Malware action and dynamic analysis
• D. Block Malware action and local malware analysis

Correct answer: D

Explanation

The correct answer is D because blocking malware while performing local malware analysis reduces reliance on cloud lookups, which is crucial given the limited resources and bandwidth. Option A suggests a Block File action, which is not as effective in minimizing cloud lookups as the right option. Options B and C involve cloud lookups or dynamic analysis, which do not address the resource constraints effectively.