You analyze your Threat Prevention events in SmartEvent and there is one specific event with a PDF-document you suspect being malicious. What is a typical behavior Threat Emulation would detect as malicious? When the PDF is opened in VM:
Which phase(s) is(are) NOT part of the Cyber Kill Chain?
What are the 3 stages of securing the network with the SandBlast Agent?
With regard to SandBlast licensing options, which is INCORRECT?
Which statements below are CORRECT regarding Threat Prevention profiles in SmartDashboard?
1. You can assign multiple profiles per gateway.
2. A profile can be assigned to one or more rules.
3. Only one profile per gateway is allowed.
4. A profile can be assigned to only one rule.