156-730 무료 덤프문제 온라인 액세스

You have installed the SandBlast Agent with forensics. An attack has occurred, which triggered the Forensics Blade to collect information. You clicked to open the forensics report but for some reason it is not showing the report as it should. What could be the issue?

• A.There is a Microsoft update missing which causes the report not to show as it should.
• B.There was no real attack and this is a false positive.
• C.Threat Emulation is disabled.
• D.The attack was based on a macro and the Forensics Blade only supports executables.

What Mail Transfer Agent is used with SandBlast?

• A.Sendmail
• B.Postfix
• C.Exchange
• D.Check Point

You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?

• A.False - Due to security concerns, a user will never be able to download a file found to be malicious.
• B.True - Under Threat emulation settings you can configure this option.
• C.True - This is possible through the SmartDashboard Threat extraction settings.
• D.False - Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.

You analyze your Threat Prevention events in SmartEvent and there is one specific event with a PDF-document you suspect being malicious. What is a typical behavior Threat
Emulation would detect as malicious? When the PDF is opened in VM:

• A.there is an outgoing network connection.
• B.it opens with Administrator privileges.
• C.there are no changes to the registry.
• D.it tries to open in Acrobat Reader.

A Threat Extraction license is always bundled with Threat Emulation.

• A.True - it is part of the NGTX license.
• B.False - they can be purchased separately.
• C.True - it is part of the NGTP and EBP license.
• D.False - Threat extraction is part of the basic NGFW license.