Which software blades are characteristic to a Threat Prevention Appliance?
A. Anti-Virus, Anti-Bot, IPS, Identity Awareness
B. Anti-Virus, Anti-Bot, IPS, URL Filtering, Identity Awareness
C. Anti-Virus, Anti-Bot, IPS, Application Control, URL Filtering, Identity Awareness
D. Anti-Virus, Anti-Bot, IPS, URL Filtering, Identity Awareness, SmartEvent
Which of the following is information uploaded to ThreatCloud?
A. Compromised Machine IP Addresses
B. Malware Site IP Addresses
C. Anticipated Attack Methods
D. Sensitive Corporate Data
Which of the following is a searchable database of all known threats detected by sensors around the world?
A. ThreatCloud
B. ThreatWiki
C. ThreatSpect
D. SmartLog
When adding IPS to a gateway, which profile will be set?
A. Default_Protection, but with all actions set to "Detect only"
B. Default_Protection, but with all actions set to "Prevent"
C. Default_Protection
D. Recommended_Protection
IPS is primarily a __________-based engine.
A. Signature
B. Difference
C. Action
D. Anomaly
An end-user calls the helpdesk, complaining that he cannot access a web site. You check the log and see that an IPS signature is dropping his connections. What can you do? Change the signature action to:
A. Bypass
B. Detect
C. Inactive
D. Prevent
Damage from a bot attack can take place after the bot compromises a machine. Which of the following represents the order by which this process takes place? The bot:
A. infects a machine, communicates with its command and control handlers, and penetrates the organization.
B. penetrates the organization, infects a machine, and communicates with its command and control handlers.
C. communicates with its command and control handlers, infects a machine, and penetrates the organization.
D. penetrates the organization, communicates with its command and control handlers, and infects a machine.
When is the default Threat Prevention profile enforced?
A. At the first Security Policy installation.
B. Only after SensorNET participation is enabled.
C. When the profile is assigned to a gateway.
D. When the administrator installs the profile on Security Gateway.
When the feature ______________ is ON, the Gateway does not block DNS requests that were identified as malicious. Instead it sends a false response with a bogus IP address to the client.
A. Malware DNS Blacklist
B. Malware DNS Trap
C. Malware DNS Sinkhole
D. Malware DNS Blackhole
What is the most common way a computer can become infected with a bot?
A. Malvertising
B. Users accessing malicious web sites
C. Adobe file vulnerabilities
D. Microsoft file vulnerabilities