SNCF — Securing Networks with Firepower — Question 222

A network administrator is reviewing a monthly advanced malware risk report and notices a host that is listed as CnC Connected. Where must the administrator look within Cisco FMC to further determine if this host is infected with malware?

Answer options

• A. Analysis > Hosts > Indications of Compromise
• B. Analysis > Hosts > Host Attributes
• C. Analysis > Files > Malware Events
• D. Analysis > Files > Network File Trajectory

Correct answer: A

Explanation

The correct answer is A, as the 'Indications of Compromise' section specifically details potential infections or malicious activity related to the host. Options B, C, and D do not provide the same level of insight into infection status, focusing instead on host attributes, malware events, or file trajectories which are less directly related to confirming a malware infection.