Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 595

An engineer used a posture check on a Microsoft Windows endpoint and discovered that the MS17-010 patch was not installed, which left the endpoint vulnerable to WannaCry ransomware.
Which two solutions mitigate the risk of this ransomware infection? (Choose two.)

Answer options

• A. Configure a posture policy in Cisco Identity Services Engine to install the MS17-010 patch before allowing access on the network.
• B. Set up a profiling policy in Cisco Identity Services Engine to check an endpoint patch level before allowing access on the network.
• C. Configure a posture policy in Cisco Identity Services Engine to check that an endpoint patch level is met before allowing access on the network.
• D. Configure endpoint firewall policies to stop the exploit traffic from being allowed to run and replicate throughout the network.
• E. Set up a well-defined endpoint patching strategy to ensure that endpoints have critical vulnerabilities patched in a timely fashion.

Correct answer: C, E

Explanation

The correct answers, C and E, address the need for verifying that critical patch levels are met and ensuring timely updates to prevent vulnerabilities. Option A does not ensure the endpoint's patch level is checked before access, while option B only checks the patch status without enforcing compliance. Option D focuses on exploit prevention rather than patch management, which is essential in this scenario.