Palo Alto Networks PSE-Endpoint Exam - Topic 2 Question 2 Discussion
An administrator is testing an exploit that is expected to be blocked by the JIT Mitigation EPM protecting the viewer application in use. No prevention occurs, and the attack is successful.In which two ways can the administrator determine the reason for the missed prevention? (Choose two.)
A) Check in the HKLM\SYSTEM\Cyvera\Policy registry key and subkeys whether JIT Mitigation is enabled for this application and C) Check that the Traps libraries are injected into the application
B) Check if a Just-In-Time debugger is installed on the system
D) Check that all JIT Mitigation functions are enabled in the HKLM\SYSTEM\Cyvera\Policy\Organization\Process\Default registry key
Renato
8 months agoGerry
8 months agoRhea
8 months agoOra
8 months agoGrover
8 months agoTheron
9 months agoRonna
9 months agoEmily
9 months agoElbert
9 months agoXuan
9 months agoRessie
9 months agoFrank
9 months agoDorsey
9 months ago