Which TWO of the following are indicators of compromise (IOCs) that can be detected by Cisco AMP for Endpoints?
File hashes are common IOCs.
Why this answer
AMP can detect file hashes and IP connections as IOCs; behavioral rules are also used but not listed as typical IOCs.