Free PSE-Endpoint-Associate PSE Endpoint Associate Accreditation Exam (Traps 4.0) PSE-Endpoint-Associate Exam Practice Test

A user receives an email with an attached data file containing an exploit. What is it's likely effect? (Choose two.)A . The exploit can work only if a corresponding application is installed on the user's system.B . The exploit can do damage only if it downloads a piece of malware.C . The exploit can work only if it begins with a buffer overflow.D . The exploit might be launched merely by previewing the attachment.

What can be used to change the uninstall passwords of agents after the initial installation of the ESM Server and the endpoint agent software?A . Using the Advanced tab of the Traps endpoint agent consoleB . Using an agent action in ESM ConsoleC . Using an ESM Server setting in ESM ConsoleD . Using the command 'dbconfig server uninstallpassword' on ESM Server

Which two of the following TLS/SSL configurations are valid in a Traps 3.4 deployment? Choose two correct answers.A . ESM Server configured for TLS/SSL; endpoint configured for TLS/SSLB . ESM Server NOT configured for TLS/SSL; endpoint configured for TLS/SSLC . ESM Server configured for TLS/SSL; endpoint NOT configured for TLS/SSLD . ESM Server NOT configured for TLS/SSL; endpoint NOT configured for TLS/SSL

The Traps product and documentation use the terms 'malware' and 'exploit' in a very specific way. Which two statements are true? (Choose two.)A . Exploits attempt to take advantage of a vulnerability in code.B . The primary vector for exploits is .exe files.C . Malware consists of application data files containing malicious code.D . Malware consists of malicious executable files that do not rely on exploit techniques.

What are two ways to prevent exploits? (Choose two.)A . Return-Oriented ProgrammingB . Address Space Layout RandomizationC . Heap SprayD . Anti-Spyware Location and RemovalE . Retained Original ProcessF . Buffer OverflowData Execution Prevention

Traps endpoints send which three items directly to the ESM Server over port 2125 by default? (Choose three.)A . Requests for software update packagesB . Verdict requestsC . WildFire malware reportsD . Exploit prevention dumpsE . Prevention eventsF . Heartbeats

A user receives an email that has piece of malware as an attachment. Choose the true statement.A . The piece of malware can work only if a corresponding application is on the user's system.B . The piece of malware can do damage only if it makes a connection to a command-and-control server.C . The piece of malware can work only if it begins with a buffer overflow.D . The piece of malware can work only if the user opens the attachment.

Which two statements about Local Analysis are true? (Choose two.)A . Traps endpoint agents build a local analysis model based on the executables they detect.B . Local analysis is called to validate all verdicts on executable files before the files are allowed to run.C . Palo Alto Networks uses machine-learning techniques in its labs to build the local analysis model.D . Local analysis is called whenever an executable file would otherwise get an Unknown or No Connection verdict.

Which is the correct set of prerequisite software components for a production deployment of Endpoint Security Manager?A . IIS, .NET, Microsoft SQL Server or SQLite, and an active WildFire subscriptionB . IIS, .NET, and Microsoft SQLiteC . IIS, .NET, and any relational databaseD . IIS, .NET, Microsoft SQL Server, and an SMTP email serverE . IIS, .NET, and Microsoft SQL Server

What can a Traps content update include? (Choose three.)A . New EPMsB . Updates to the local-analysis modelC . New trusted root certificatesD . New default policy rulesE . New trusted publishersF . New Traps endpoint drivers