CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Checkpoint 156-730 Dumps

Page: 1 / 2
Total 40 questions
Get 156-730 Full Access Download 156-730 PDF

Check Point Accredited Sandblast Administrator Questions and Answers

Question 1

What is TRUE for SandBlast local emulation deployment?1. Any Check Point gateway can perform local emulation.

2. SandBlast Appliance is required.

3. Existing gateway can collect files and forward to emulation.

Options:

A.

2 and 3 are correctB. 1, 2, and 3 are correct

B.

1 and 3 are correct

C.

1 and 2 are correct

Question 2

When enabling Threat Emulation on a standard Check Point gateway, which command allows you to offload emulation to multiple private cloud SandBlast appliances?

Options:

A.

ted add remote

B.

tecli add remote emulator

C.

add te remote emulator

D.

tecli advanced remote

Question 3

What’s the password for the encrypted malicious file available via the Threat Emulation forensics report?

Options:

A.

maliciousB. forensics

B.

password

C.

infected

Question 4

The file reclassifier is a Threat Emulation component used to perform which function on files in the stream?

Options:

A.

Count the hits of each file extension, used as part of the reporting mechanism.

B.

Used to measure Threat Emulation usage and reporting back to Check Point.

C.

Used to rename files extension so they are processed using the correct application based on the file magic.

D.

Used to rename files extension so they are processed using the correct application based on the current file extension.

Question 5

Select the true statement about Threat Emulation Open Server appliances.

Options:

A.

Supports custom images without any special requirement.

B.

No requirement to enable VT (Hardware Virtualization).

C.

Only Cloud emulation service is supported on an open platform.

D.

Threat Extraction is not supported on an open platform.

Question 6

How can CPU Level Emulation detect ROP?

Options:

A.

Locate a CPU flow buffer with mismatch between called and returned addresses.

B.

Increased CPU temperature.

C.

Wrong order in the ROP Gadgets Dictionary.

D.

It is detected as soon as the evasion code runs and injects the malicious code into a legitimate process.

Page: 1 / 2
Total 40 questions
Get 156-730 Full Access Download 156-730 PDF