Palo Alto Networks PSE-Endpoint Exam - Topic 2 Question 69 Discussion
A customer plans to test the malware prevention capabilities of Traps. It has defined this policy.* Local analysis is enabled* Quarantining of malicious files is enabled* Files are to be uploaded to WildFireNo executables have been whitelisted or blacklisted in the ESM Console Hash Control screen.Malware sample A has a verdict of Malicious in the WildFire service. Malware sample B is unknown to WildFire.Which behavior will result?
B) Hash Control already knows sample A locally in the endpoint cache and will block it. Sample B will not be blocked by WildFire, but will be blocked by the local analysis engine.
A) WildFire will block sample A as known malware; sample B will be blocked as an unknown binary while the file is analyzed by WildFire for a final verdict.
C) WildFire will block sample A as known malware, and sample B will compromise the endpoint because it is new and ESM Server has not obtained the required signatures.
D) WildFire will block sample A as known malware; sample B will not be blocked by WildFire, but will be evaluated by the local analysis engine and will or will not be blocked, based on its verdict, until WildFire analysis determines the final verdict.
Shaunna
7 months agoRenato
7 months agoMinna
7 months agoTamesha
8 months agoNell
8 months agoGolda
8 months agoCeola
8 months agoKiera
8 months agoLucy
8 months agoKeneth
8 months agoFrancesco
8 months agoDawne
9 months agoFreeman
9 months agoNida
9 months agoLouvenia
9 months agoKaycee
9 months agoGary
1 year agoViki
1 year agoGaynell
1 year agoRasheeda
1 year agoColette
1 year agoGalen
1 year agoPeggy
1 year agoPura
1 year agoBettina
1 year agoBroderick
1 year agoTerrilyn
1 year agoLeota
1 year agoDick
1 year agoTijuana
1 year agoLynette
1 year agoBettina
1 year ago