U.S. Independence Day Deal! Unlock 25% OFF Today – Limited-Time Offer - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Palo Alto Networks PSE-Endpoint Exam - Topic 1 Question 42 Discussion

An administrator has decided to test Traps functionality using malware samples in an isolated non-production environment. In order to effectively test Traps, what three types of samples should the administrator avoid? (Choose three.)
B) An MS Office document which contains a ransomware macro
A) A sample with a low number of hits in Virus Total
C) A sample known to be flagged as grayware by Traps
D) A freeware video application which spawns malicious processes
E) A sample known to generate false positives in the production environment.

Palo Alto Networks PSE-Endpoint Exam - Topic 1 Question 42 Discussion

Actual exam question for Palo Alto Networks's PSE-Endpoint exam
Question #: 42
Topic #: 1
[All PSE-Endpoint Questions]

An administrator has decided to test Traps functionality using malware samples in an isolated non-production environment. In order to effectively test Traps, what three types of samples should the administrator avoid? (Choose three.)

Show Suggested Answer Hide Answer
Suggested Answer: B

Contribute your Thoughts:

0/2000 characters
Ernie
8 months ago
Wait, are we sure about avoiding false positives? That seems odd.
upvoted 0 times
...
Ahmed
8 months ago
I disagree, low hits on Virus Total can still be useful for testing.
upvoted 0 times
...
Truman
8 months ago
A freeware app that spawns malicious processes? Sounds risky!
upvoted 0 times
...
Lavera
8 months ago
I think the ransomware macro is a bad idea too.
upvoted 0 times
...
Geoffrey
8 months ago
Definitely avoid the grayware samples!
upvoted 0 times
...
Grover
8 months ago
I feel like A could be tricky since a low number of hits might not mean it's safe, but I’m not completely confident about that one.
upvoted 0 times
...
Sylvia
8 months ago
I practiced a similar question, and I think we should definitely steer clear of anything that could cause real damage, like B with the ransomware macro.
upvoted 0 times
...
Mee
8 months ago
I’m not entirely sure, but I think samples that are flagged as grayware could interfere with the testing, so C might be one to avoid.
upvoted 0 times
...
Callie
9 months ago
I remember we discussed avoiding samples that could create false positives, so E seems like a solid choice.
upvoted 0 times
...
Regenia
9 months ago
Hmm, this is a tricky one. I'm thinking a combination of a record-triggered flow and some Apex code might be the way to go. The flow could handle the email notification, and the Apex could take care of the onboarding task logic.
upvoted 0 times
...
Douglass
9 months ago
Alright, I've got this. The key is to identify the specific exception being thrown and then choose the option that properly handles it.
upvoted 0 times
...
Norah
9 months ago
Hmm, I'm a bit unsure about this one. I'll need to think through the different types of audits and their independence levels.
upvoted 0 times
...
Arlie
1 year ago
Wait, we're not supposed to use samples that are already known to be bad? Where's the fun in that?
upvoted 0 times
...
Emogene
1 year ago
False positives in production? No, thanks. I'd rather not get that phone call from the boss.
upvoted 0 times
Bethanie
1 year ago
E) A sample known to generate false positives in the production environment.
upvoted 0 times
...
Lisha
1 year ago
B) An MS Office document which contains a ransomware macro
upvoted 0 times
...
Willard
1 year ago
A) A sample with a low number of hits in Virus Total
upvoted 0 times
...
...
Taryn
1 year ago
A freeware video app that spawns malicious processes? Sounds like a party! Let's do it!
upvoted 0 times
Kip
1 year ago
User 3: We should also steer clear of the sample known to generate false positives in the production environment.
upvoted 0 times
...
Adaline
1 year ago
User 2: Yeah, that one won't really test Traps effectively.
upvoted 0 times
...
Rana
1 year ago
User 1: Let's avoid the sample with a low number of hits in Virus Total.
upvoted 0 times
...
...
Hyman
1 year ago
A sample known to be flagged as grayware by Traps? Nah, that's too easy. Where's the challenge?
upvoted 0 times
Arlette
1 year ago
User 2: Yeah, we need to test with more complex samples to really see how Traps performs.
upvoted 0 times
...
Linn
1 year ago
User 1: A sample known to be flagged as grayware by Traps? Nah, that's too easy. Where's the challenge?
upvoted 0 times
...
...
Vallie
1 year ago
The ransomware macro in the MS Office document is a definite no-go. That's just asking for trouble, even in a non-production environment.
upvoted 0 times
...
Kirk
1 year ago
I'd avoid the sample with a low number of hits on VirusTotal. That's probably not a good test case.
upvoted 0 times
Lonna
1 year ago
Let's make sure to avoid the MS Office document which contains a ransomware macro too.
upvoted 0 times
...
Kimberely
1 year ago
I think we should avoid the freeware video application which spawns malicious processes as well.
upvoted 0 times
...
Lilli
1 year ago
We should also steer clear of the sample known to generate false positives in the production environment.
upvoted 0 times
...
Oliva
1 year ago
I agree, we should definitely avoid the sample with a low number of hits on VirusTotal.
upvoted 0 times
...
...
Hyman
1 year ago
I think we should avoid samples flagged as grayware by Traps as well.
upvoted 0 times
...
Arlene
1 year ago
I agree, we should also avoid samples known to generate false positives.
upvoted 0 times
...
Alaine
1 year ago
I think we should avoid samples with low hits in Virus Total.
upvoted 0 times
...

Save Cancel