156-730 Check Point Accredited Sandblast Administrator exam is a hot Check Point certification exam, Exam4Training offers you the latest free online 156-730 dumps to practice. You can get online training in the following questions, all these questions are verified by Check Point experts. If this exam changed, we will share new update questions.
What attack vectors are protected by using the SandBlast Agent?
A . Mail, Web, Office 365
B . Outside the office, removable media, lateral movement
C . Office 365, Outside of the office, removable media, lateral movement
D . email, Lateral movement, Removable media, encrypted channels
Answer: B
MTA
A . 1 and 3 are correct
B . 1, 2, and 3 are correct
C . 1 and 2 are correct
D . 2 and 3 are correct
Answer: A
MTA
A . 1 and 3 are correct
B . 1, 2, and 3 are correct
C . 1 and 2 are correct
D . 2 and 3 are correct
Answer: A
Which Blades of the SandBlast Agent are used for remediation?
A . DLP and Compliance blades
B . Anti-Bot blade and Threat Emulation blades
C . Forensics and Threat Emulation blades
D . Threat Emulation and Threat Extraction Blades
Answer: C
You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?
A . True C This is possible through the SmartDashboard Threat extraction settings.
B . False C Due to security concerns, a user will never be able to download a file found to be malicious.
C . True C Under Threat emulation settings you can configure this option.
D . False C Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Answer: C
You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?
A . True C This is possible through the SmartDashboard Threat extraction settings.
B . False C Due to security concerns, a user will never be able to download a file found to be malicious.
C . True C Under Threat emulation settings you can configure this option.
D . False C Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Answer: C
With regard to SandBlast Cloud emulation, which statement is INCORRECT?
A . SandBlast Cloud licensing offers fair usage caps which customers should never reach.
B . SandBlast Cloud licensing requires a license SKU per gateway.
C . Only new files not seen before are emulated on the cloud and count against fair usage cap.
D . For simplicity, SandBlast Cloud offers a single license SKU per User Center, covering all files sent from all gateways in that User Center.
Answer: D
Which of the following is FALSE about the SandBlast Agent capabilities?
A . Stop data exfiltration to prevent disclosure of sensitive information, and quarantine infected systems to limit spread of malware.
B . Detect and block command and control communications, even when working remotely.
C . Connect to remote offices via virtual private networking in order to gain secure access to local resources.
D . Get unparalleled visibility into specific endpoint and processes to enable faster recovery post-infection.
Answer: C
You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?
A . True C This is possible through the SmartDashboard Threat extraction settings.
B . False C Due to security concerns, a user will never be able to download a file found to be malicious.
C . True C Under Threat emulation settings you can configure this option.
D . False C Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Answer: C
What’s the password for the encrypted malicious file available via the Threat Emulation forensics report?
A . malicious
B . forensics
C . password
D . infected
Answer: C