Exam4Training

Palo Alto Networks PSE Endpoint PSE: Endpoint – Professional Online Training

Question #1

A company is using a Web Gateway/Proxy for all outbound connections. The company has deployed Traps within the domain and in testing, discovered that the ESM Servers are unable to communicate with WildFire. All other Traps features are working.

What is the most likely cause of the issue?

  • A . The administrator needs to configure WildFire proxy settings in each Agent Console.
  • B . The administrator needs to configure WildFire proxy settings in the ESM Console and in each Agent Console.
  • C . The Administrator needs to purchase the additional site license required for WildFire.
  • D . The Administrator needs to configure WildFire proxy settings in the ESM Console.

Correct Answer: D

Question #2

An administrator is concerned about rogue installs of Internet Explorer.

Which policy can be created to ensure that Internet Explorer can only run from the Program Files\Internet Explorer directory?

  • A . An execution path policy to blacklist iexplore.exe, and whitelist entry for %programfiles%\iexplore.exe
  • B . An execution path policy to blacklist *iexplore.exe. Trusted signers will allow the default iexplore.exe
  • C . A whitelist of *iexplore.exe with an execution path restriction, and a blacklist of %system%\iexplore.exe
  • D . An execution path policy to blacklist *iexplore.exe, and a whitelist entry for %programfiles%\Internet Explorer\iexplore.exe

Correct Answer: D

Question #3

Once an administrator has successfully installed a Content Update, how is the Content Update applied to endpoints?

  • A . After Installation on the ESM, an Agent License renewal is required in order to trigger relevant updates.
  • B . After installation on the ESM, relevant updates occur at the next Heartbeat communication from each endpoint.
  • C . Installation of a Content Update triggers a proactive push of the update by the ESM server to all endpoints with licensed Traps Agents within the Domain.
  • D . The Traps Agent must be reinstalled on the endpoint in order to apply the content update. Existing Agents will not be able to take advantage of content updates.

Correct Answer: B

Question #4

Assume a Child Process Protection rule exists for powershell.exe in Traps v4.0. Among the items on the blacklist is ipconfig.exe.

How can an administrator permit powershell.exe to execute ipconfig.exe without altering the rest of the blacklist?

  • A . Add ipconfig.exe to the Global Child Processes Whitelist, under Restriction settings.
  • B . Uninstall and reinstall the Traps agent.
  • C . Create a second Child Process Protection rule for powershell.exe to whitelist ipconfig.exe.
  • D . Remove ipconfig.exe from the rule’s blacklist.

Correct Answer: A

Question #5

A company is trying to understand which platforms in its environment Traps can be installed on.

Select the three endpoints where Traps can be installed (Choose three).

  • A . Windows 10 LTSB with 2 GB RAM, 500MB free disk space and Intel Core i5 CPU
  • B . Windows 2000 SP4 with 1 GB RAM, 4 GB free disk space and Intel Pentium 4 CPU
  • C . Apple iPhone 6s
  • D . Windows Server 2012 R2 Standard Edition in FIPS Mode, with 4GB RAM, 20GB free disk space, running on VMware ESXi.
  • E . 15” MacBook Pro running macOS 10.12 with 16GB RAM, Intel Core i7 CPU and 100GB free disk space

Correct Answer: A,D,E

Question #6

Which two enhanced key usage purposes are necessary when creating an SSL certificate for an ESM server? (Choose two.)

  • A . File Recovery
  • B . Server Authentication
  • C . Client Authentication
  • D . Key Recovery

Correct Answer: B,C

Question #7

A customer plans to test the malware prevention capabilities of Traps. It has defined this policy:

– Local analysis is enabled

– Quarantining of malicious files is enabled

– Files are to be uploaded to WildFire

No executables have been whitelisted or blacklisted in the ESM Console Hash Control screen.

Malware sample A has a verdict of Malicious in the WildFire service. Malware sample B is unknown to WildFire.

Which behavior will result?

  • A . WildFire will block sample A as known malware; sample B will be blocked as an unknown binary while the file is analyzed by WildFire for a final verdict.
  • B . Hash Control already knows sample A locally in the endpoint cache and will block it. Sample B will not be blocked by WildFire, but will be blocked by the local analysis engine.
  • C . WildFire will block sample A as known malware, and sample B will compromise the endpoint because it is new and ESM Server has not obtained the required signatures.
  • D . WildFire will block sample A as known malware; sample B will not be blocked by WildFire, but will be evaluated by the local analysis engine and will or will not be blocked, based on its verdict, until WildFire analysis determines the final verdict.

Correct Answer: D

Question #8

During installation of the ESM and the agent, SSL was enabled on an endpoint. However, the agent communication is failing. The services.log on the endpoint has the following error:

"An error occurred while making the HTTP request to https://hostname:2125/CyveraServer/. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server."

Which certificate can be imported on the endpoint to solve this issue? Assume the hostname is a valid FQDN and the ESM Server and Console have different certificates.

  • A . ESM Server Public Certificate
  • B . ESM Server Self-Signed Certificate
  • C . ESM Console Self-Signed Certificate
  • D . ESM Console Public Certificate

Correct Answer: B

Question #9

Which version of .NET Framework is required as a prerequisite when installing Traps agent on Windows 7?

  • A . .NET Framework 4.5
  • B . .NET Framework 3.5.1
  • C . .NET Framework 2.0
  • D . .NET Framework 4.0

Correct Answer: B

Question #10

Which software category is most likely to cause a conflict with the Traps agent?

  • A . Exploit prevention software
  • B . Web browser software
  • C . Web meeting and collaboration software
  • D . Full disk encryption software

Correct Answer: A