Online Access Free 156-730 Practice Test

What kind of approach or approaches will Check Point SandBlast apply to prevent MALICIOUS DOCUMENTS?

• A.Blacklist/machine learning
• B.Exploit
• C.Signature
• D.Whitelist and Exploit

Which phase(s) is(are) NOT part of the Cyber Kill Chain?

• A.Action and Objectives
• B.Command and Control
• C.Remediation
• D.Exploitation

You have installed the SandBlast Agent with forensics. An attack has occurred, which triggered the Forensics Blade to collect information. You clicked to open the forensics report but for some reason it is not showing the report as it should. What could be the issue?

• A.There is a Microsoft update missing which causes the report not to show as it should.
• B.The attack was based on a macro and the Forensics Blade only supports executables.
• C.There was no real attack and this is a false positive.
• D.Threat Emulation is disabled.

Which of the following is FALSE about the SandBlast Agent capabilities?

• A.Connect to remote offices via virtual private networking in order to gain secure access to local resources.
• B.Detect and block command and control communications, even when working remotely.
• C.Stop data exfiltration to prevent disclosure of sensitive information, and quarantine infected systems to limit spread of malware.
• D.Get unparalleled visibility into specific endpoint and processes to enable faster recovery post-infection.

A Threat Extraction license is always bundled with Threat Emulation.

• A.True - it is part of the NGTP and EBP license.
• B.False - they can be purchased separately.
• C.False - Threat extraction is part of the basic NGFW license.
• D.True - it is part of the NGTX license.