What attack vectors are protected by using the SandBlast Agent?
A . Mail, Web, Office 365
B . Outside the office, removable media, lateral movement
C . Office 365, Outside of the office, removable media, lateral movement
D . email, Lateral movement, Removable media, encrypted channels
Answer: B
MTA
A . 1 and 3 are correct
B . 1, 2, and 3 are correct
C . 1 and 2 are correct
D . 2 and 3 are correct
Answer: A
MTA
A . 1 and 3 are correct
B . 1, 2, and 3 are correct
C . 1 and 2 are correct
D . 2 and 3 are correct
Answer: A
Which Blades of the SandBlast Agent are used for remediation?
A . DLP and Compliance blades
B . Anti-Bot blade and Threat Emulation blades
C . Forensics and Threat Emulation blades
D . Threat Emulation and Threat Extraction Blades
Answer: C
You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?
A . True C This is possible through the SmartDashboard Threat extraction settings.
B . False C Due to security concerns, a user will never be able to download a file found to be malicious.
C . True C Under Threat emulation settings you can configure this option.
D . False C Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Answer: C
You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?
A . True C This is possible through the SmartDashboard Threat extraction settings.
B . False C Due to security concerns, a user will never be able to download a file found to be malicious.
C . True C Under Threat emulation settings you can configure this option.
D . False C Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Answer: C
With regard to SandBlast Cloud emulation, which statement is INCORRECT?
A . SandBlast Cloud licensing offers fair usage caps which customers should never reach.
B . SandBlast Cloud licensing requires a license SKU per gateway.
C . Only new files not seen before are emulated on the cloud and count against fair usage cap.
D . For simplicity, SandBlast Cloud offers a single license SKU per User Center, covering all files sent from all gateways in that User Center.
Answer: D
Which of the following is FALSE about the SandBlast Agent capabilities?
A . Stop data exfiltration to prevent disclosure of sensitive information, and quarantine infected systems to limit spread of malware.
B . Detect and block command and control communications, even when working remotely.
C . Connect to remote offices via virtual private networking in order to gain secure access to local resources.
D . Get unparalleled visibility into specific endpoint and processes to enable faster recovery post-infection.
Answer: C
You can restrict a user from downloading an original file if it is getting a malicious verdict from Threat Emulation?
A . True C This is possible through the SmartDashboard Threat extraction settings.
B . False C Due to security concerns, a user will never be able to download a file found to be malicious.
C . True C Under Threat emulation settings you can configure this option.
D . False C Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Answer: C
What’s the password for the encrypted malicious file available via the Threat Emulation forensics report?
A . malicious
B . forensics
C . password
D . infected
Answer: C