PrepAway - Latest Free Exam Questions & Answers

Which Cisco AMP for Endpoints engine is a complete client-side antivirus solution?

A. TETRA

B. Ethos

C. WSA

D. Spero

Explanation:
Of the available choices, only the Cisco Advanced Malware Protection (AMP) for Endpoints TETRA engine is a complete client-side antivirus solution. Cisco AMP is a cloud-based technology whose malware analysis is less limited in scope than that of malware scanning products. Cisco AMP for Endpoints is a host-based malware detection and prevention platform that runs on Microsoft Windows, Mac OS X, Linux, and Google Android. Like many other antimalware packages, AMP for Endpoints monitors network traffic and application behavior to protect a host from malicious traffic. However, unlike many of its competitors, AMP for Endpoints continues its analysis after a disposition has been assigned to a file or traffic flow. AMP for Endpoints uses technology known as engines to detect threats and protect endpoints. There are three engines: Ethos, Spero, and TETRA.

The TETRA engine is a complete client-side antivirus solution. It is similar to installing a standalone antivirus product on a local computer. Therefore, you should not deploy AMP for Endpoints with the TETRA engine if you have another antivirus solution already deployed on network endpoints. Because of the nature of this engine, TETRA is disabled by default on Cisco AMP for Endpoints. When enabled, additional settings can be configured that describe how endpoints should be scanned.

The Spero engine uses dynamic heuristics, which is also sometimes known as active heuristics. Dynamic heuristics is a method of modeling a computing environment and then deploying a potential threat into that model to determine how it might affect a real-world device. Based on the outcome, the Spero engine can detect threats that might not be detected by engines that rely on signatures or passive heuristic techniques.

The Ethos engine operates exclusively in a Cisco AMP for Endpoints public cloud instance. It uses static heuristics, which is also sometimes known as passive heuristics. Static heuristics uses a form of detection that decompiles potential threats and scans the source code for similarities to known threats.

The Cisco Web Security Appliance (WSA) is not an AMP for Endpoints engine. However, AMP can connect to a Cisco WSA by using an AMP connector that is known as AMP for Web. Other AMP connectors include AMP for Networks, AMP for Email, and AMP for Meraki MX. AMP for Networks connects to Next-Generation Firewall (NGFW), Next-Generation Intrusion Prevention System (NGIPS), and Integrated Services Routers (ISRs). AMP for Email connects to Cisco Email Security Appliance (ESA).

