Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 91

An engineer is configuring AMP for endpoints and wants to block certain files from executing.
Which outbreak control method is used to accomplish this task?

Answer options

• A. device flow correlation
• B. simple detections
• C. application blocking list
• D. advanced custom detections

Correct answer: C

Explanation

The application blocking list is specifically designed to prevent certain applications or files from executing, making it the correct choice for this scenario. The other options, like device flow correlation and simple detections, do not directly address the blocking of file executions, while advanced custom detections are more focused on identifying threats rather than blocking them.