Analysis of Other Options:
A. Cisco Umbrella: Cisco Umbrella is a cloud-delivered security service that provides DNS-layer security and internet-wide visibility to protect against malware, phishing, and command and control callbacks. It does not provide patch management capabilities.
B. Cisco ISE (Identity Services Engine): Cisco ISE is a network access control and policy enforcement platform that provides visibility and control over users and devices on the network. It focuses on access control and identity management rather than patch management.
C. Cisco CloudLock: Cisco CloudLock is a cloud-native CASB (Cloud Access Security Broker) and cloud cybersecurity platform that helps secure data, meet compliance requirements, and monitor and control cloud applications. It does not focus on patch management.
the link from achille5, it states "baselines the installed software packages, package version, patch level, and more for every workload", the definition of patch management i believe is "Patch management is the process of applying firmware and software updates to improve functionality, close security vulnerabilities, and optimize performance." - the link does not say it applies firmware.. it states that it baselines.. - w that said.. im still confused as to what the right answer is
This is the right answer. Umbrella and Cloudlock do not provide patch management, so the answer can only be ISE and Tetration (Secure Workload), the question is about patch management in the cloud, so it leaves only Tetration as the possible answer and you can confirm it with the link provided by achille5
Software inventory and vulnerability detection: The Cisco Secure Workload platform baselines the installed software packages, package version, patch level, and more for every workload. The platform maintains an up-to-date CVE data feed from multiple sources, including NIST and OS vendor data packs, which contain the latest vulnerability and exposure information. Using this, Secure Workload checks whether the software packages have known information security vulnerabilities. When a vulnerability is detected, complete details—including the severity and impact score—can be found. You can then quickly find all the servers with the same version of the package installed for patching and planning purposes. Security operations can predefine policies with specific actions, such as quarantining a host when servers have packages with certain vulnerabilities.
C. Cisco CloudLock is a security solution that provides patch management in the cloud.
Cisco CloudLock is a cloud-based security solution that provides organizations with visibility and control over their cloud-based assets, such as SaaS apps, IaaS, and PaaS. It includes a feature called CloudLock Patch Management, which allows organizations to identify and remediate vulnerabilities in cloud-based assets, including software vulnerabilities, configuration issues, and missing patches. It also provides automated patching for cloud-based assets, which can help organizations to keep their cloud-based assets up-to-date and secure.
In summary, Cisco CloudLock is a security solution that provides patch management in the cloud, it allows organizations to identify and remediate vulnerabilities in cloud-based assets, including software vulnerabilities, configuration issues, and missing patches, and also provides automated patching for cloud-based assets, which can help organizations to keep their cloud-based assets up-to-date and secure.
Cisco CloudLock, on the other hand, is a cloud-based security solution that provides visibility and control over cloud-based assets, such as SaaS apps, IaaS, and PaaS. It provides a comprehensive set of security capabilities that can be used to protect cloud-based assets, including CloudLock Patch Management, CloudLock Identity and Access Management, CloudLock Data Loss Prevention, and CloudLock Cloud Access Security Broker (CASB) capabilities. CloudLock also includes a feature called Cloud Discovery, which allows organizations to identify and inventory all of their cloud-based assets.
There is not a single reference for "CloudLock Patch Management" in Google or in Cloudlock documentation. I have no idea where you've got that information.
Im going with D on this one. ISE does not manage the cloud, Tetration (Secure Workloads) does.
See link below:
https://www.cisco.com/c/en/us/products/collateral/data-center-analytics/tetration-analytics/q-and-a-c67-737402.html
The Cisco Secure Workload platform baselines the installed software packages, package version, patch level, and more for every workload. The platform maintains an up-to-date CVE data feed from multiple sources, including NIST and OS vendor data packs, which contain the latest vulnerability and exposure information. Using this, Secure Workload checks whether the software packages have known information security vulnerabilities. When a vulnerability is detected, complete details—including the severity and impact score—can be found. You can then quickly find all the servers with the same version of the package installed for patching and planning purposes.
This section is not available anymore. Please use the main Exam Page.350-701 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Mocix
10 months, 1 week agoiluvmicrosoft
1 year agofdl543
1 year, 9 months agoachille5
2 years agoDWizard
1 year, 9 months agoachille5
2 years agosull3y
2 years, 3 months agoFelice44
2 years agosull3y
2 years, 3 months agofdl543
1 year, 9 months agoDorr20
1 year, 11 months agowest33637
2 years, 3 months agowest33637
2 years, 3 months agoMPoels
1 year, 1 month agoamtf8888
2 years, 3 months agosull3y
2 years, 3 months ago