New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Paloalto Networks PSE-Endpoint-Associate PSE: Endpoint Associate training for Traps 4.0 Exam Practice Test

PSE: Endpoint Associate training for Traps 4.0 Questions and Answers

Question 1

What are two ways to prevent exploits? (Choose two.)

Options:

A.

Return-Oriented Programming

B.

Address Space Layout Randomization

C.

Heap Spray

D.

Anti-Spyware Location and Removal

E.

Retained Original Process

F.

Buffer Overflow

G.

Data Execution Prevention

Question 2

Which two statements about Local Analysis are true? (Choose two.)

Options:

A.

Traps endpoint agents build a local analysis model based on the executables they detect.

B.

Local analysis is called to validate all verdicts on executable files before the files are allowed to run.

C.

Palo Alto Networks uses machine-learning techniques in its labs to build the local analysis model.

D.

Local analysis is called whenever an executable file would otherwise get an Unknown or No Connection verdict.

Question 3

Which three statements about the trusted publisher mechanism are true? (Choose three.)

Options:

A.

The trusted-publisher mechanism blocks executables from running unless they are signed by a trusted publisher.

B.

The list of trusted publishers is maintained through content updates.

C.

The trusted-publisher mechanism takes precedence over verdict overrides by administrators.

D.

The trusted-publisher mechanism is called whenever an executable file would otherwise get an Unknown or No Connection verdict.

E.

The trusted-publisher mechanism allows trusted signed executables to run without seeking a WildFire verdict.

F.

No executable will be affected by the trusted-publisher mechanism unless it is signed by a publisher on a list maintained by Palo Alto Networks.