Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 765

Which technique is used to protect end user devices and data from unknown file behavior?

Answer options

• A. crypto file ransomware protection using a file hash calculation
• B. file retrospection using continuous scan and analyses
• C. file sandboxing using a protected environment to analyze and simulate the behavior of unknown files
• D. phishing file quarantine using an internal environment to store attached files

Correct answer: C

Explanation

The correct answer is C, as file sandboxing creates a secure environment to test and observe the behavior of unknown files without risking the host system. Options A and B focus on hash calculations and scanning, which do not directly analyze file behavior, while D pertains to quarantining files rather than evaluating their actions.