Download IBM Certified Associate Administrator - Security QRadar SIEM V7.2.8.156-730.TestKing.2019-02-21.40q.vcex

Vendor: Checkpoint
Exam Code: 156-730
Exam Name: IBM Certified Associate Administrator - Security QRadar SIEM V7.2.8
Date: Feb 21, 2019
File Size: 21 KB

Demo Questions

Question 1
Which protocols are supported by the THREAT EMULATION blade?
  A. CIFS, FTP, and optional HTTP and SMTP support
  B. HTTP(S), SMTP/TLS only
  C. HTTP and SMTP only, there is no SSL/TLS security support
  D. HTTP(S), SMTP/TLS with optional CIFS
Correct answer: D

Question 2
Which SmartConsole can you use to view Threat Emulation forensics reports?
  A. SmartView Monitor
  B. SmartView Reporter
  C. SmartLog
  D. SmartDashboard
Correct answer: C

Question 3
How does Threat Extraction work?
  A. Scan and extract files for Command and Control activity.
  B. It emulates a document and, if malicious, converts it into a PDF.
  C. It extracts active content from a document.
  D. It scans the document for malicious code and removes it.
Correct answer: C

Question 4
What kind of approach or approaches will Check Point SandBlast apply to prevent malicious EXE files?
  A. Machine learning algorithm
  B. Signature
  C. Exploit
  D. Whitelist and Exploit
Correct answer: C

Question 5
You have installed the SandBlast Agent with forensics. An attack has occurred, which triggered the Forensics Blade to collect information. You clicked to open the forensics report, but for some reason it is not showing the report as it should. What could be the issue?
  A. The attack was based on a macro and the Forensics Blade only supports executables.
  B. There is a Microsoft update missing which causes the report not to show as it should.
  C. There was no real attack and this is a false positive.
  D. Threat Emulation is disabled.
Correct answer: B

Question 6
The file reclassifier is a Threat Emulation component used to perform which function on files in the stream?
  A. Count the hits of each file extension, used as part of the reporting mechanism.
  B. Used to measure Threat Emulation usage and reporting back to Check Point.
  C. Used to rename file extensions so they are processed using the correct application based on the file magic.
  D. Used to rename file extensions so they are processed using the correct application based on the current file extension.
Correct answer: D

Question 7
Which of the following is FALSE about the SandBlast Agent capabilities?
  A. Stop data exfiltration to prevent disclosure of sensitive information, and quarantine infected systems to limit spread of malware.
  B. Detect and block command and control communications, even when working remotely.
  C. Connect to remote offices via virtual private networking in order to gain secure access to local resources.
  D. Get unparalleled visibility into specific endpoints and processes to enable faster recovery post-infection.
Correct answer: C

Question 8
With regard to SandBlast Cloud emulation, which statement is INCORRECT?
  A. SandBlast Cloud licensing offers fair usage caps which customers should never reach.
  B. SandBlast Cloud licensing requires a license SKU per gateway.
  C. Only new files not seen before are emulated on the cloud and count against fair usage cap.
  D. For simplicity, SandBlast Cloud offers a single license SKU per User Center, covering all files sent from all gateways in that User Center.
Correct answer: D

Question 9
Threat Emulation Cloud offers pods to perform emulation. In which geographies are these pods located?
  A. USA and Germany only
  B. Germany, Israel, USA
  C. UK, USA, South America
  D. Israel, Germany, Russia
Correct answer: B

Question 10
Can you restrict a user from downloading an original file if it receives a malicious verdict from Threat Emulation?
  A. True – This is possible through the SmartDashboard Threat Extraction settings.
  B. False – Due to security concerns, a user will never be able to download a file found to be malicious.
  C. True – Under Threat Emulation settings you can configure this option.
  D. False – Threat Emulation provides a recommendation verdict. The user can download the file even if it is found to be malicious.
Correct answer: C