Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 349
An engineer needs to detect and quarantine a file named abc123456789.zip based on the MD5 signature of the file using the Outbreak Control list feature within Cisco Advanced Malware Protection (AMP) for Endpoints. The configured detection method must work on files of unknown disposition. Which Outbreak Control list must be configured to provide this?
Answer options
- A. Simple Custom Detection
- B. Blocked Application
- C. Advanced Custom Detection
- D. Android Custom Detection
Correct answer: C
Explanation
The correct answer is C, Advanced Custom Detection, because it allows detection based on specific file signatures, including MD5, for files whose disposition is not yet determined. Options A and B do not provide the necessary capabilities for handling unknown files, while option D is specific to Android applications and is irrelevant in this context.