The ePO administrators have already tuned and configured dynamic application containment rules within the policy. In which of the following ways will dynamic application containment protect against malware once enforcement is enabled?
Select an option, then click Submit answer.
-
○
The scan engine will learn the behavior of the application and send up to GT1 for analysis, and then receive an action to block all actions from the application's process.
-
○
If an application's reputation is below the threshold while triggering a block rule and is not an excluded application, malicious behavior of the application will be contained.
-
○
The ENS client will receive the reputation as "highly suspicious" from either the McAfee GTI or TIE server, and then immediately uninstall the application on the system.
-
○
The adaptive threat protection scanner will send the file automatically to a preconfigured "Sandbox" folder and analyze the application for malicious features before use.
