Chapter 11

Endpoint Protection and Detection

This chapter covers the following topics:

Introduction to Endpoint Protection and Detection

Cisco AMP for Endpoints

Cisco Threat Response

The following SCOR 350-701 exam objectives are covered in this chapter:

  • Domain 5.0 Endpoint Protection and Detection

    • 5.1 Compare Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions

    • 5.2 Explain antimalware, retrospective security, indicator of compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry

    • 5.3 Configure and verify outbreak control and quarantines to limit infection

    • 5.4 Describe justifications for endpoint-based security

    • 5.5 Describe the value of endpoint device management and asset inventory ...

Get CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.