Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PSE-Endpoint Topic 2 Question 69 Discussion

Actual exam question for Palo Alto Networks's PSE-Endpoint exam
Question #: 69
Topic #: 2
[All PSE-Endpoint Questions]

A customer plans to test the malware prevention capabilities of Traps. It has defined this policy.

* Local analysis is enabled

* Quarantining of malicious files is enabled

* Files are to be uploaded to WildFire

No executables have been whitelisted or blacklisted in the ESM Console Hash Control screen.

Malware sample A has a verdict of Malicious in the WildFire service. Malware sample B is unknown to WildFire.

Which behavior will result?

Show Suggested Answer Hide Answer
Suggested Answer: B

by Ilona at Jul 13, 2024, 09:45 AM

Limited Time Offer

25%

Off

Get Premium PSE-Endpoint Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Colette
1 days ago
Woah, C is definitely wrong. There's no way the unknown sample B would compromise the endpoint if ESM hasn't got the signatures yet. That's just crazy talk!
upvoted 0 times
...
Pura
4 days ago
Hmm, I'm not sure about this one. I think B might be the right answer, since the endpoint cache should already know about sample A.
upvoted 0 times
...
Bettina
8 days ago
But if WildFire already knows sample A as malicious, it should block it immediately, right?
upvoted 0 times
...
Broderick
9 days ago
I think the correct answer is D. WildFire will block the known malware, while the unknown sample will be evaluated by the local analysis engine until WildFire provides a final verdict.
upvoted 0 times
...
Lynette
13 days ago
I disagree, I believe the correct answer is D.
upvoted 0 times
...
Bettina
15 days ago
I think the answer is A.
upvoted 0 times
...

Save Cancel