September 2017
Beginner to intermediate
436 pages
12h 33m
English
Content preview from Implementing Cisco Networking Solutions
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Advanced Malware Protection (AMP)
The threats in the modern cyber world are delivered through multiple channels and as files that might not look suspicious when they enter the network. However, the malware morphs into different forms and becomes active after some time, thus launching an attack.
AMP systems are systems that track any known files using hash values to alert security triggers and prevent the spread of the files and malware. These systems also track unknown files by using a technique called sandboxing where the file is kept in an isolated environment to check if the files morphs and is a security threat. If it does, it is important to block the files from then on, which is done using the hash value for the file. However, an important ...