May be D, "When a user attempts to run an executable, the operating system attempts to run the executable as a process. If the process tries to launch any child processes, Traps first evaluates the child process protection policy."
https://docs.paloaltonetworks.com/traps/tms/traps-management-service-admin/traps-management-service-overview/traps-evaluation-and-protection-flow.html
Traps is deprecated. Migrated to Cortex XDR, I replied on previous post, not realizing that at some point Palo Alto had a Traps program (I was thinking SNMP Traps). There is no reference to Traps in Palo Alto Cybersecurity Guide anymore, except for SNMP Traps. So, answers will likely change on the test to either Cortex XDR or AutoFocus:
"The migration of Traps management service to Cortex XDR is now complete. See Cortex XDR for more information."
https://docs.paloaltonetworks.com/traps
D.
"When a user or endpoint attempts to open an executable, Traps first verifies that the
executable doesn’t violate any policy-based restrictions."
Source: Cybersecurity Survival Guide
upvoted 2 times
...
This section is not available anymore. Please use the main Exam Page.PCCSA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Aragorn_360
4 years, 3 months agojoxl01
4 years, 4 months agoCiscoSannin
4 years, 9 months ago