350-701 VCE Exam Download

A next-generation endpoint security solution is a modern approach of combining user and system behavior analytics with AI and machine learning to provide endpoint security12. These solutions are specifically designed to detect unknown malware and zero-day threats, which other non-next-generation solutions might fail to detect3. Two key deliverables that help justify the implementation of a next-generation endpoint security solution are:

Continuous monitoring of all files that are located on connected endpoints. This feature allows the solution to scan and analyze all files on the endpoints, regardless of their origin or type, and identify any malicious or suspicious behavior. This helps to prevent malware from infecting the endpoints or spreading to other devices on the network4.

Real-time feeds from global threat intelligence centers. This feature enables the solution to leverage the latest information and insights from various sources, such as security researchers, vendors, and customers, to detect and block new and emerging threats. This helps to keep the endpoints updated and protected from the most advanced and sophisticated attacks5.

References := 1: Overview of next-generation protection in Microsoft Defender for Endpoint 2: What Is Next-Generation Endpoint Security? 2024 Ultimate Guide - SelectHub 3: [Next

 Cisco AMP Threat Grid is a cloud-based or on-premises solution that provides advanced malware analysis and threat intelligence. It combines static and dynamic analysis techniques to examine the behavior of malware samples and correlate them with global and historical context. It also produces detailed reports, threat scores, and behavioral indicators that help security teams prioritize and respond to threats faster and more effectively12. References: 1: Cisco Secure Malware Analytics (Threat Grid) - Cisco 2: Products - Cisco Threat Grid Cloud Data Sheet - Cisco

Cisco Umbrella is a cloud-delivered security service that provides DNS-layer security, secure web gateway, firewall, cloud access security broker, and threat intelligence functions. It helps improve security visibility, detect compromised systems, and protect your users on and off the network by stopping threats over any port or protocol before they reach your network or endpoints1. One of the benefits of using Cisco Umbrella is that it can block threats before they launch, reducing response times, and delivering safe, secure internet with Umbrella’s cloud tools2. By intercepting DNS requests and applying security policies, Umbrella can prevent malicious connections from being established, and mitigate attacks before the application connection occurs3. This can also reduce bandwidth costs and improve performance by filtering out unwanted traffic1. References: 1: The Essential Benefits of Cisco Umbrella 2: 5 Reasons to Try Cisco Umbrella Now 3: Why choose Cisco Umbrella for cybersecurity protection

 Cisco FTD is the recommended solution for this requirement because it allows the administrator to configure URL filtering as part of the access control policy. URL filtering in FTD can block or allow traffic based on the destination URL of a web request, the generalized category of the URL, or the public reputation of the target site. FTD can also use HTTPS URL filtering to inspect encrypted web traffic and block malicious or unwanted sites. FTD supports both local URL lists and external URL filtering servers such as Cisco Talos Intelligence Group (TIG), Websense, or SmartFilter12.

Cisco ASA does not include URL filtering in the access control policy capabilities. ASA can only enable URL filtering for web traffic using external filtering servers such as Websense or SmartFilter. ASA cannot block HTTPS or FTP traffic based on URLs, nor can it use local URL lists or categories. ASA also does not block malicious URLs by default, but relies on the filtering server’s configuration34.

Therefore, option C is the correct answer, and the other options are incorrect. References :=

FTD URL Filtering - How it works? - Cisco Community

Cisco Firepower Threat Defense Configuration Guide for Firepower Device Manager, Version 6.2.3 - Access Control

Configuring Filtering Services - Cisco

Configuring URL Filtering - Cisco