Palo Alto Networks Exam PSE-Endpoint Topic 1 Question 42 Discussion

Actual exam question for Palo Alto Networks's PSE-Endpoint exam

Question #: 42
Topic #: 1

An administrator has decided to test Traps functionality using malware samples in an isolated non-production environment. In order to effectively test Traps, what three types of samples should the administrator avoid? (Choose three.)

AA sample with a low number of hits in Virus Total

BAn MS Office document which contains a ransomware macro

CA sample known to be flagged as grayware by Traps

DA freeware video application which spawns malicious processes

EA sample known to generate false positives in the production environment.

Show Suggested Answer

Suggested Answer: B

by Sylvia at Feb 25, 2023, 04:24 AM

Limited Time Offer

25%

Off

Get Premium PSE-Endpoint Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Hyman

18 days ago

A sample known to be flagged as grayware by Traps? Nah, that's too easy. Where's the challenge?

upvoted 0 times

Linn

3 days ago

User 1: A sample known to be flagged as grayware by Traps? Nah, that's too easy. Where's the challenge?

upvoted 0 times

...

Vallie

19 days ago

The ransomware macro in the MS Office document is a definite no-go. That's just asking for trouble, even in a non-production environment.

upvoted 0 times

...

Kirk

22 days ago

I'd avoid the sample with a low number of hits on VirusTotal. That's probably not a good test case.

upvoted 0 times

...

Hyman

24 days ago

I think we should avoid samples flagged as grayware by Traps as well.

upvoted 0 times

...

Arlene

26 days ago

I agree, we should also avoid samples known to generate false positives.

upvoted 0 times

...

Alaine

1 months ago

I think we should avoid samples with low hits in Virus Total.

upvoted 0 times

...