Online Access Free 156-730 Practice Test

Which Blades of the SandBlast Agent are used for remediation?

• A.Threat Emulation and Threat Extraction Blades
• B.DLP and Compliance blades
• C.Forensics and Threat Emulation blades
• D.Anti-Bot blade and Threat Emulation blades

Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?
1. You can assign multiple profiles per gateway.
2. A profile can be assigned to one or more rules.
3. Only one profile per gateway is allowed.
4. A profile can be assigned to only one rule.

• A.1 and 4 are correct
• B.1, 2, 3 and 4 are correct
• C.2 and 3 are correct
• D.1 and 2 are correct

You analyze your Threat Prevention events in SmartEvent and there is one specific event with a PDF-document you suspect being malicious. What is a typical behavior Threat
Emulation would detect as malicious? When the PDF is opened in VM:

• A.there is an outgoing network connection.
• B.there are no changes to the registry.
• C.it tries to open in Acrobat Reader.
• D.it opens with Administrator privileges.

Which feature do you enable to allow the gateway to participate in email flow and therefore hold mails and strip malicious attachment if found?

• A.SME
• B.MTA
• C.MIV
• D.EMT

You have installed the SandBlast Agent with forensics. An attack has occurred, which triggered the Forensics Blade to collect information. You clicked to open the forensics report but for some reason it is not showing the report as it should. What could be the issue?

• A.Threat Emulation is disabled.
• B.There is a Microsoft update missing which causes the report not to show as it should.
• C.The attack was based on a macro and the Forensics Blade only supports executables.
• D.There was no real attack and this is a false positive.