March Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Checkpoint 156-730 Check Point Accredited Sandblast Administrator Exam Practice Test

Page: 1 / 4
Total 40 questions

Check Point Accredited Sandblast Administrator Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$36  $119.99

PDF Study Guide

  • Product Type: PDF Study Guide
$31.5  $104.99
Question 1

What attack vectors are protected by using the SandBlast Agent?

Options:

A.

Mail, Web, Office 365B. Outside the office, removable media, lateral movement

B.

Office 365, Outside of the office, removable media, lateral movement

C.

email, Lateral movement, Removable media, encrypted channels

Question 2

What Mail Transfer Agent is used with SandBlast?

Options:

A.

ExchangeB. Check Point

B.

Postfix

C.

Sendmail

Question 3

Why should you use a Mail Transfer Agent when configuring Prevent/Hold-mode?

1. TE inspection in streaming mode can cause the sending mail server not to send any additional emails until the emulation of the prior email is completed.

2. TE inspection in Mail Transfer Agent mode will accept all valid incoming emails before inspection.

3. It will allow the email to reach the user while at the same time be sent for Dynamic Analysis.

4. There is no Mail Transfer Agent mode for Threat Emulation, only for Anti-Spam.

Options:

A.

2 and 4 are correctB. 2 and 3 are correct

B.

1 and 2 are correct

C.

All are correct

Question 4

What is a ROP Gadgets Dictionary?

Options:

A.

Lookup table used by CPU Level Emulation to detect malwareB. A generated stack of return addresses

B.

Feature sets which can be used to discover the true meaning of the code

C.

List of commonly used passwords

Question 5

Threat Emulation Cloud offers pods to perform emulation, in which geographies are these pods located

Options:

A.

USA and Germany onlyB. Germany, Israel, USA

B.

UK, USA, South America

C.

Israel, Germany, Russia

Question 6

What are the given options for remediation?

1. Remediation script

2. Auto remediation

3. Using Threat Emulation to block and remove the infected file

4. Use the locally installed Anti-Virus to perform a complete system scan

Options:

A.

3 and 4

B.

2 and 3

C.

1 and 4

D.

1 and 2

Page: 1 / 4
Total 40 questions