← Back to exam page

156-730 IBM Certified Associate Administrator - Security QRadar SIEM V7.2.8

Loading demo links...

Showing 1–3 of 5 questions

Question 1

Select the true statement about Threat Emulation Open Server appliances.

Select an option, then click Submit answer.

  • Supports custom images without any special requirement.

  • No requirement to enable VT (Hardware Virtualization).

  • Only Cloud emulation service is supported on an open platform.

  • Threat Extraction is not supported on an open platform.
Question 2

How can the SandBlast Agent protect against encrypted archives?

Select an option, then click Submit answer.

  • The SandBlast Agent cannot protect from an encrypted malware.

  • Since to open the encrypted archive the user must know the password, once opened and the writing to the disk has begun. the SandBlast Agent will immediately scan the file.

  • Password protected archive file is opened via brute force and dictionary attack. Once file is open the SandBlast Agent can scan it and send it to emulation.

  • Only if the administrator has added a special password file and the password that is used for the archive is part of the password list on the file.
Question 3

A Threat Extraction license is always bundled with Threat Emulation.

Select an option, then click Submit answer.

  • False – they can be purchased separately.

  • True – it is part of the NGTX license.

  • True – it is part of the NGTP and EBP license.

  • False – Threat extraction is part of the basic NGFW license.