Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 498

An engineer must configure Cisco AMP for Endpoints so that it contains a list of files that should not be executed by users. These files must not be quarantined. Which action meets this configuration requirement?

Answer options

• A. Modify the advanced custom detection list to include these files.
• B. Add a list for simple custom detection.
• C. Identify the network IPs and place them in a blocked list.
• D. Create an application control blocked applications list.

Correct answer: D

Explanation

The correct answer is D because creating a blocked applications list allows specific files to be prevented from execution without quarantining them. Options A and B deal with detection rather than execution prevention, while option C pertains to network IP management, which does not address the requirement of blocking specific files.