Which circumstance does the Cisco AMP assign a file disposition without submitting the file to the cloud for dynamic analysis?

Under which circumstance does the Cisco AMP assign a file disposition without submitting the file to the cloud for dynamic analysis?Reference: https://www.cisco.com/c/en/us/td/docs/security/firepower/610/configuration/guide/fpmc-config-guide-v61/ file_malware_events_and_network_file_trajectory.pdf

Question:

Which circumstance does the Cisco AMP assign a file disposition without submitting the file to the cloud for dynamic analysis?

Options:

when the file has previously been submitted for dynamic analysis and the analysis failed

when the file is a PDF or Microsoft Office document

when a previously undetected file matches a file rule with the Block Malware action

when an executable file matches a file rule with the Malware Cloud Lookup action and the lookup provides a file disposition

Correct Answer

The Correct Answer for this Question is

when an executable file matches a file rule with the Malware Cloud Lookup action and the lookup provides a file disposition

Leave a Comment