Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 307

An engineer is deploying Cisco Advanced Malware Protection (AMP) for Endpoints and wants to create a policy that prevents users from executing a file named abc123456789.exe without quarantining that file. What type of Outbreak Control list must the SHA-256 hash value for the file be added to in order to accomplish this?

Answer options

• A. Advanced Custom Detection
• B. Simple Custom Detection
• C. Isolation
• D. Blocked Application

Correct answer: D

Explanation

The correct answer is D, Blocked Application, as this list is specifically designed to prevent the execution of certain applications without quarantining them. The other options either involve detection or isolation, which do not meet the requirement of stopping the execution without quarantine.