Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 615

An organization has had some malware infections recently and the management team wants to use Cisco Secure Firewall to enforce file policies to prevent malicious files from being downloaded. The SHA-256 hash value of all files traversing the firewall must be calculated and compared to the hash values of known malware code. Which file rule action is used to block only the files that are confirmed to be malware?

Answer options

• A. Block Malware
• B. Detect Files
• C. Malware Cloud Lookup
• D. Block Files

Correct answer: A

Explanation

The correct answer is 'Block Malware' because it specifically targets files that have been confirmed to be malicious, effectively preventing them from being downloaded. The other options either detect files without blocking them or provide additional lookup capabilities but do not directly enforce blocking of confirmed malware.