What are two ways to prevent exploits? (Choose two.)
Return-Oriented Programming
Address Space Layout Randomization
Heap Spray
Anti-Spyware Location and Removal
Retained Original Process
Buffer Overflow
Data Execution Prevention
Which two statements about Local Analysis are true? (Choose two.)
Traps endpoint agents build a local analysis model based on the executables they detect.
Local analysis is called to validate all verdicts on executable files before the files are allowed to run.
Palo Alto Networks uses machine-learning techniques in its labs to build the local analysis model.
Local analysis is called whenever an executable file would otherwise get an Unknown or No Connection verdict.
Which three statements about the trusted publisher mechanism are true? (Choose three.)
The trusted-publisher mechanism blocks executables from running unless they are signed by a trusted publisher.
The list of trusted publishers is maintained through content updates.
The trusted-publisher mechanism takes precedence over verdict overrides by administrators.
The trusted-publisher mechanism is called whenever an executable file would otherwise get an Unknown or No Connection verdict.
The trusted-publisher mechanism allows trusted signed executables to run without seeking a WildFire verdict.
No executable will be affected by the trusted-publisher mechanism unless it is signed by a publisher on a list maintained by Palo Alto Networks.
