Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Location Chicago IL, USA

Exam Essentials topic 1 question 36 discussion

Actual exam question from WatchGuard's Essentials
Question #: 36
Topic #: 1
[All Essentials Questions]

Match each WatchGuard Subscription Service with its function.
Uses full-system emulation analysis to identify characteristics and behavior of zero-day malware. (Choose one).

  • A. Reputation Enable Defense RED
  • B. Gateway / Antivirus
  • C. Data Loss Prevention DLP
  • D. Spam Blocker
  • E. WebBlocker
  • F. Intrusion Prevention Server IPS
  • G. Application Control
  • H. Quarantine Server
  • I.
Show Suggested Answer Hide Answer

Suggested Answer: I
APT Blocker is intended to stop malware and zero-day threats that are trying to invade an organization's network.
APT Blocker uses a next-gen sandbox to get detailed views into the execution of a malware program. After first running through other security services, files are fingerprinted and checked against an existing database first on the appliance and then in the cloud. If the file has never been seen before, it is analyzed using the system emulator, which monitors the execution of all instructions. It can spot the evasion techniques that other sandboxes miss.
Reference:
http://www.watchguard.com/wgrd-products/security-modules/apt-blocker

Comments

Arjjra
1 year, 11 months ago
not able to see the rest of the boxes. only the first one
upvoted 2 times
...
LoCarb_Monster
1 year, 2 months ago
The answer is APT, and should be the 'I.' option WatchGuard Network Security Essentials Study Guide v12.5 pg. 146 "APT Blocker Cloud-based service that uses emulation analysis to identify the characteristics and behavior of zero-day malware."
upvoted 3 times
...
EnjoiTech
1 year, 1 month ago
APT Blocker Cloud-based service that uses emulation analysis to identify the characteristics and behavior of zero-day malware.
upvoted 2 times
...
Satornjkk
2 months, 2 weeks ago
Yes, APT Blocker is correct.
upvoted 1 times
...

SaveCancel