Endpoint Security Software Questions & Answers

Primary type of scanning that supports endpoint security:

• Quick Scan, full scan, custom scan, on-access scan, and on demand scan.

Quarantine actions configured within security platforms include:

• Email security (e.g., Microsoft Defender for Office)
• File/data loss connection DLP (e.g., BroadCom DLP)
• Cloud application security (e.g., Microsoft Defender for cloud apps)
• Network and endpoint security (e.g., Cisco/ Service Now)

Primary type of scanning that supports endpoint security: Quick Scan, full scan, custom scan, on-access scan, and on demand scan.

Essential dashboards that show threat statistics:

• Threat analytics and intelligence dashboards
• Network security and firewall dashboards
• Vulnerability and endpoint protection dashboards

The behavior-based detection works in endpoint security:

• Establishment of baseline
• Continuous monitoring
• Anomaly detection
• Automated response

Endpoint protection integrates with SIEM tools via:

• log integration and normalization
• data correlation and detection
• automated incident response
• centralized visibility and reporting

These integrations enable real-time correlation of endpoint events.

Endpoint protection detects malware in real time by behavioral analysis, machine learning & AI, Signature-Based Detection, Sandboxing, and Threat Intelligence.

Encryption options for endpoint devices are:

• Full-disk Encryption
• File and folder level Encryption
• Removable Encryption
• Common Encryption
• Management option Encryption

Password software prevents phishing attacks by using secure autofill capabilities. The methods include unique and complex security, breach reporting alerts, and safe launching.

The primary policy management features are:

• Policy lifecycle and workflow automation
• Version control
• Centralized Document Repository
• Audit trails and reporting
• Role-based access control
• Target distribution and control