WatchGuard Endpoint Security Exam Questions & Verified Answers

Ransomware - Correct Answer Malicious software that encrypts and locks the contents and files of computers and demands a ransom for the encryption to unlock the data.

The Protection Cycle - Correct Answer 1) Visibility 2) Detection 3) Remediation/response 4) Prevention

Visibility - Correct Answer (Protection Cycle) Trace every action taken by running applications.

Detection - Correct Answer (Protection Cycle) Monitor active processes and perform real-time blocking of zero-day attacks, targeted attacks, and other advanced threats designed to bypass traditional antivirus and anti-malware solutions.

Remediation/response - Correct Answer (Protection Cycle) Use collected forensic information to complete in-depth analysis of every attempted attack.

Prevention - Correct Answer (Protection Cycle) Edit the protection model settings and patches for vulnerabilities.

WatchGuard Endpoint Protection Platform (EPP) - Correct Answer (WatchGuard Endpoint Security) Protects endpoints from threats and reduces the attack surface. Includes a full range of protection features (antivirus, firewall, device control, URL filtering).

WatchGuard Endpoint Detection and Response (EDR) - Correct Answer (WatchGuard Endpoint Security) Detects and responds effectively to any type of unknown malware, as well as the fileless and malwareless attacks that traditional solutions cannot detect.

Zero-day attacks and APTs - Correct Answer New threats that have never been seen before.

Fileless malware - Correct Answer Malicious software that runs in memory instead of as a physical file on the endpoint.

How does fileless malware operate? - Correct Answer Exploits trusted processes in memory to remain undetected.

WatchGuard Full Encryption - Correct Answer Encrypts the contents of disks and USB/removable storage drives connected to computers that WatchGuard Endpoint Security manages.

WatchGuard Patch Management - Correct Answer You can manage patches for operating system and third-party application vulnerabilities on workstations and servers.

WatchGuard Advanced Reporting Tool - Correct Answer You can generate security intelligence and IT insights to pinpoint attacks, unusual behavior, and internal misuse.

Layered Protection - Correct Answer 1) Signature files and heuristic scanners 2) Contextual detections 3) Anti-exploit technology 4) Zero-trust application service 5) Threat hunting services

Signature File and Heuristic Scanners Layer - Correct Answer (Layered Protection) The antivirus engine uses information gathered through collective intelligence to form the first line of defense in the layered protection.

Signature File and Heuristic Scanners Methodology - Correct Answer (Layered Protection)
- Detects known attacks through signature files and detects malware behavior with heuristic scan methods
- Uses virus and malware signature files to detect malicious files
- Uses decoy files to act as bait to detect ransomware
- Performs generic and heuristic detection of malware
- Blocks specific ransomware URLs

Contextual Detections for Fileless Attacks Layer - Correct Answer (Layered Protection) Refers to the many components that run in the background and perform behavioral analysis to automatically detect threats, trigger alerts, and block malicious content.

Fileless Attacks - Correct Answer (Layered Protection)
- Script-based attacks
- Web browser vulnerabilities
- Attacks that use existing legitimate software tools

Anti-Exploit Technology Layer - Correct Answer (Layered Protection) Protects running processes on endpoints from compromise. This helps to prevent fileless malware from gaining a foothold on the system.

Status Page - Correct Answer (Computer management) Use dashboards, lists and tasks to monitor threats to the computers and devices on your network.

Security Settings - Correct Answer (Computer management)
- Workstation and server settings
- Indicators of Attack
- Risks
- Program Blocking
- Authorized Software
- Mobile Devices
- Patch Management

Workstations and Servers - Correct Answer (Computer management)
- General
- Advanced Protection
- Antivirus
- Firewall
- Device Control
- Web Access Control

Audit Mode - Correct Answer Reports detected threats on dashboards and lists, but does not block or disinfect files.

Audit Mode - Correct Answer Prevents the execution of all programs classified as malware and disinfects or deletes programs classified as malware based on antivirus settings. Allows unknown programs to run.

Hardening Mode - Correct Answer Allows execution of unknown programs already installed on user computers. Blocks unknown programs that originate from an untrusted source until classification is returned. Disinfects or deletes programs classified as malware.

Lock Mode - Correct Answer Prevents execution of all programs classified as malware, as well as all unknown programs pending classification. Deletes or disinfects programs already classified as malware.