A company discovered an attack propagating through their network via a file.

the file to Cisco Threat Grid for dynamic analysis. Cisco Threat Grid is a cloud-based service that provides malware analysis and threat intelligence. It can analyze suspicious files and URLs, and provide detailed reports on the behavior, indicators, and severity of the threat1. By sending the file to Cisco Threat Grid, the custom file policy can leverage the dynamic analysis results to detect the file as an indicator of compromise, and prevent other endpoints from executing the infected file. The other options are not correct because they do not address the root cause of the problem, which is the lack of detection by the custom file policy. Creating an IP block list, blocking the application, or uploading the hash for the file may help to mitigate the attack, but they do not ensure that the custom file policy is functioning as it should. References:

2: Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 - Module 5: Endpoint Protection and Detection

3: Cisco AMP for Endpoints User Guide - Custom Detection Lists

4: Cisco AMP for Endpoints User Guide - File Analysis and Cisco Threat Grid

1: Cisco Threat Grid - Overview