From the course: Cisco CCNP Security SCOR v1.1 (350-701) Cert Prep
Retrospective security
- [Instructor] Many endpoint anti-malware systems will inspect files only at the point in time that they are accessed or executed. This is certainly true with traditional antivirus programs. When we talk about the Cisco AMP features, one of the great things that this includes is both continuous analysis and retrospective security. Malware has continued to become more and more sophisticated, using things like sleep features to hide malware and activate that at a point in time later than when we first downloaded it or executed it. Having simple point-in-time detection isn't enough these days, and that's why Cisco AMP has these next-generation features. AMP has the ability to record the activity of all files within the system, and it can determine if a file that was formerly categorized as being benign turns into a malicious threat at a later time. AMP can also give you an historical view into such a file, allowing you to see the origin of the threat and the behavior over a period of…