Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 547

What is capability of EPP compared to EDR?

Answer options

• A. EPP protects against malware that has already entered the environment, and EDR focuses on protecting against botnets.
• B. EDR protects against email attacks, and EPP focuses on detecting and monitoring phishing and ransomware email attacks.
• C. EDR protects against malicious email attacks, and EPP focuses on suspicious website attacks including DoS and DDoS attempts.
• D. EDR protects against malware that has already entered the environment, and EPP focuses on preventing malware from entering.

Correct answer: D

Explanation

The correct answer is D because EPP (Endpoint Protection Platform) is primarily focused on preventing malware from entering the environment, while EDR (Endpoint Detection and Response) deals with detecting and responding to threats that are already present. The other options incorrectly describe the functions of EPP and EDR, mixing up their protective capabilities.