Exam 200-201 topic 1 question 241 discussion

i'd go with D. it's about visibility, not protection

The question already gave us the information that the file is Malicious,  yet it has not been blocked and has just been recorded by FMC. If we had stronger data visibility, detailed information about the data in real time would have been provided, and malicious traffic would have been blocked on multiple devices. This is indeed a tricky question, but I do think that it asks what the "End Result" here  if there is stronger data visibility.

With stronger data visibility, the security team would have more detailed and real-time information about the malicious .docx file, allowing them to better detect, analyze, and respond to the threat. This could include more granular information about the file's characteristics, behavior, and network traffic patterns, as well as visibility across multiple devices and network segments. This could help to improve threat detection and response capabilities and enhance overall security posture. So, why not B? Option B could also be a possible answer, as stronger data visibility could enable multiple devices to block malicious traffic. However, option D more accurately describes the benefits of stronger data visibility in this specific scenario, as it mentions providing detailed information about the data in real time. Option D emphasizes the importance of having a comprehensive view of network traffic and being able to quickly identify and respond to potential threats.

The question is what would have occurred with stronger data visibility. Not what should be implemented for better protection.

could be a D aswell

The question asks about stronger visibility not better protection.

The question states "stronger data visibility" so not better protection. So I would assume the answer could be C too?

B. Malicious traffic would have been blocked on multiple devices.