Free PSE-Endpoint-Associate PSE Endpoint Associate Accreditation Exam (Traps 4.0) PSE-Endpoint-Associate Exam Practice Test

By default, where are log entries for the ESM Server and the ESM Console stored?A . In XML-formatted text files on the serverB . In flat text files on the serverC . In a connected SIEM systemD . In PanoramaE . In the Windows event log on the server

Which two statements about troubleshooting installation and upgrade problems are true? (Choose two.)A . A common cause of ESM Server installation problems is the failure to confirm connectivity to WildFire before running the installer.B . A common cause of Traps endpoint agent installation problems is the failure to configure the SSL option correctly.C . ESM Server services will shut down if they are not licensed within 24 hours of being started.D . Use MSIEXEC with appropriate flags to get more logging detail at installation time.

Which three statements about the trusted publisher mechanism are true? (Choose three.)A . The trusted-publisher mechanism blocks executables from running unless they are signed by a trusted publisher.B . The list of trusted publishers is maintained through content updates.C . The trusted-publisher mechanism takes precedence over verdict overrides by administrators.D . The trusted-publisher mechanism is called whenever an executable file would otherwise get an Unknown or No Connection verdict.E . The trusted-publisher mechanism allows trusted signed executables to run without seeking a WildFire verdict.F . No executable will be affected by the trusted-publisher mechanism unless it is signed by a publisher on a list maintained by Palo Alto Networks.

In the Traps product, what does the term ''Service Protection'' mean?

• the protection of a specified process
• the ability of one ESM Server to take over for another
• the protection of a process running on a Windows Server system
• the ability of the Traps agent to make itself tamper-proof

What are two ways to prevent exploits? (Choose two.)A . Return-Oriented ProgrammingB . Address Space Layout RandomizationC . Heap SprayD . Anti-Spyware Location and RemovalE . Retained Original ProcessF . Buffer OverflowData Execution Prevention

A user receives an email that has piece of malware as an attachment. Choose the true statement.A . The piece of malware can work only if a corresponding application is on the user's system.B . The piece of malware can do damage only if it makes a connection to a command-and-control server.C . The piece of malware can work only if it begins with a buffer overflow.D . The piece of malware can work only if the user opens the attachment.

Which two of the following TLS/SSL configurations are valid in a Traps 3.4 deployment? Choose two correct answers.A . ESM Server configured for TLS/SSL; endpoint configured for TLS/SSLB . ESM Server NOT configured for TLS/SSL; endpoint configured for TLS/SSLC . ESM Server configured for TLS/SSL; endpoint NOT configured for TLS/SSLD . ESM Server NOT configured for TLS/SSL; endpoint NOT configured for TLS/SSL

The Traps product and documentation use the terms 'malware' and 'exploit' in a very specific way. Which two statements are true? (Choose two.)A . Exploits attempt to take advantage of a vulnerability in code.B . The primary vector for exploits is .exe files.C . Malware consists of application data files containing malicious code.D . Malware consists of malicious executable files that do not rely on exploit techniques.

A user receives an email with an attached data file containing an exploit. What is it's likely effect? (Choose two.)A . The exploit can work only if a corresponding application is installed on the user's system.B . The exploit can do damage only if it downloads a piece of malware.C . The exploit can work only if it begins with a buffer overflow.D . The exploit might be launched merely by previewing the attachment.

Traps endpoints send which three items directly to the ESM Server over port 2125 by default? (Choose three.)A . Requests for software update packagesB . Verdict requestsC . WildFire malware reportsD . Exploit prevention dumpsE . Prevention eventsF . Heartbeats