Download CheckPoint.certkiller.156-730.2018-06-05.1e.22q.vcex

Exam IBM Certified Associate Administrator - Security QRadar SIEM V7.2.8
Number 156-730
File Name CheckPoint.certkiller.156-730.2018-06-05.1e.22q.vcex
Size 14 Kb
Posted June 09, 2018


How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.


With discount: 20%

Demo Questions

Question 1

Which deployment modes support Prevent? 
SPAN port 

  • A: 1 and 3 are correct
  • B: 1, 2, and 3 are correct
  • C: 1 and 2 are correct
  • D: 2 and 3 are correct
Question 2

What are the SandBlast deployment options? 
Cloud emulation 
Emulation on the Endpoint itself 
Local Emulation 
Remote emulation

  • A: 1 and 2 are correct
  • B: 1 and 3 are correct
  • C: 1, 3, and 4 are correct
  • D: 2 and 3 are correct
Question 3

Regarding a proper Threat Emulation sizing for an environment with 1000 users for web and email traffic which assumptions are correct? 
2000 unique files per day within SMTP/S 
2500 unique files per day within HTTP/S 
7000 unique files per day within SMTP/S 
5000 unique files per day within HTTP/s

  • A: 1 and 2 are correct
  • B: 1 and 3 are correct
  • C: 1 and 4 are correct
  • D: 2 and 3 are correct
Question 4

Which command do you use to monitor the current status of the emulation queue? 

  • A: tecli show emulator queue
  • B: tecli show emulator emulations
  • C: tecli show emulator queue size
  • D: tecli show emulation emu
Question 5

Which Blades of the SandBlast Agent are used for remediation?

  • A: DLP and Compliance blades
  • B: Anti-Bot blade and Threat Emulation blades
  • C: Forensics and Threat Emulation blades
  • D: Threat Emulation and Threat Extraction Blades
Question 6

What’s the password for the encrypted malicious file available via the Threat Emulation forensics report?

  • A: malicious
  • B: forensics
  • C: password
  • D: infected
Question 7

When running the Threat Emulation first time wizard, which of these is NOT an option for file analysis location?

  • A: ThreatCloud Emulation Service
  • B: tecli advanced remote
  • C: Locally on this Threat Emulation Appliance
  • D: Other Threat Emulation Appliance
Question 8

A Threat Extraction license is always bundled with Threat Emulation.

  • A: False – they can be purchased separately.
  • B: True – it is part of the NGTX license.
  • C: True – it is part of the NGTP and EBP license.
  • D: False – Threat extraction is part of the basic NGFW license.
Question 9

What attack vectors are protected by using the SandBlast Agent?

  • A: Mail, Web, Office 365
  • B: Outside the office, removable media, lateral movement
  • C: Office 365, Outside of the office, removable media, lateral movement
  • D: email, Lateral movement, Removable media, encrypted channels
Question 10

How can the SandBlast Agent protect against encrypted archives?

  • A: The SandBlast Agent cannot protect from an encrypted malware.
  • B: Since to open the encrypted archive the user must know the password, once opened and the writing to the disk has begun. the SandBlast Agent will immediately scan the file.
  • C: Password protected archive file is opened via brute force and dictionary attack. Once file is open the SandBlast Agent can scan it and send it to emulation.
  • D: Only if the administrator has added a special password file and the password that is used for the archive is part of the password list on the file.