CheckPoint 156-730 Exam Practice Test Instant Access

Question 1

At which layer in the Attack Infection Flow can CPU Level Emulation detect a malicious file?

AThe malware binaryB. The Exploit stage

BThe shell code

CThe vulnerability

Answer : B

Question 2

When enabling Threat Emulation on a standard Check Point gateway, which command allows you to offload emulation to multiple private cloud SandBlast appliances?

Ated add remote

Btecli add remote emulator

Cadd te remote emulator

Dtecli advanced remote

Answer : D

Question 3

You analyze your Threat Prevention events in SmartEvent and there is one specific event with a PDF-document you suspect being malicious. What is a typical behavior Threat Emulation would detect as malicious? When the PDF is opened in VM:

Ait tries to open in Acrobat Reader.

Bthere are no changes to the registry.

Cit opens with Administrator privileges.

Dthere is an outgoing network connection.

Answer : D

Question 4

Which phase(s) is(are) NOT part of the Cyber Kill Chain?

AExploitationB. Command and Control

BRemediation

CAction and Objectives

Answer : C

Question 5

What are the 3 stages of securing the network with the SandBlast Agent?

APrevent, Identify and Contain, Effective response and remediationB. Asses, Detect, Prevent

BPrevent, Contain, Block

CDetect, Prevent, remediate

Answer : A

Question 6

With regard to SandBlast licensing options, which is INCORRECT?

AThe NGTP package offers the most complete Threat Prevention offeringsB. The TETX package can be added on top of NGTP package to create the NGTX package

BThe TETX package includes both Threat Emulation and Threat Extraction

CThe NGTX package offers the most complete Threat Prevention offerings

Answer : A

Question 7

Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?

1. You can assign multiple profiles per gateway.

2. A profile can be assigned to one or more rules.

3. Only one profile per gateway is allowed.

4. A profile can be assigned to only one rule.

A1 and 2 are correctB. 1 and 4 are correct

B2 and 3 are correct

C1, 2, 3 and 4 are correct

Answer : C

CheckPoint 156-730 Accredited Sandblast Administrator Exam Practice Test