ExamGecko
Search Search Login
Home Home / Cisco / 350-701
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which compliance status is shown when a configured posture policy requirement is not met?
An engineer is configuring device-hardening on a router in order to prevent credentials from being seen if the router configuration was compromised. Which command should be used?
Which two features are used to configure Cisco ESA with a multilayer approach to fight viruses and malware? (Choose two)
Which two application layer preprocessors are used by Firepower Next Generation Intrusion Prevention System? (Choose two)
Which Cisco platform onboards the endpoint and can issue a CA signed certificate while also automatically configuring endpoint network settings to use the signed endpoint certificate, allowing the endpoint to gain network access?
DRAG DROP Drag and drop the capabilities of Cisco Firepower versus Cisco AMP from the left into the appropriate category on the right.
Which ASA deployment mode can provide separation of management on a shared appliance?
Which PKI enrollment method allows the user to separate authentication and enrollment actions and also provides an option to specify HTTP/TFTP commands to perform file retrieval from the server?
An engineer wants to generate NetFlow records on traffic traversing the Cisco ASA. Which Cisco ASA command must be used?
What is a characteristic of Firepower NGIPS inline deployment mode?

Question 217 - 350-701 discussion

Report
Export

In which situation should an Endpoint Detection and Response solution be chosen versus an Endpoint Protection Platform?

A.

when there is a need for traditional anti-malware detection

Answers
A.

when there is a need for traditional anti-malware detection

B.

when there is no need to have the solution centrally managed

Answers
B.

when there is no need to have the solution centrally managed

C.

when there is no firewall on the network

Answers
C.

when there is no firewall on the network

D.

when there is a need to have more advanced detection capabilities

Answers
D.

when there is a need to have more advanced detection capabilities

Suggested answer: D

Explanation:

Endpoint protection platforms (EPP) prevent endpoint security threats like known and unknown malware.

Endpoint detection and response (EDR) solutions can detect and respond to threats that your EPP and other security tools did not catch.

EDR and EPP have similar goals but are designed to fulfill different purposes. EPP is designed to provide device-level protection by identifying malicious files, detecting potentially malicious activity, and providing tools for incident investigation and response.

The preventative nature of EPP complements proactive EDR. EPP acts as the first line of defense, filtering out attacks that can be detected by the organization's deployed security solutions. EDR acts as a second layer of protection, enabling security analysts to perform threat hunting and identify more subtle threats to the endpoint.

Effective endpoint defense requires a solution that integrates the capabilities of both EDR and EPP to provide protection against cyber threats without overwhelming an organization's security team.

Show Answer
asked 10/10/2024
Ankur Patel
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms