156-215.80 · Question #510
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.
The correct answer is B. Next Generation Threat Emulation. The Threat Emulation blade uses CPU-level and OS-level sandboxing to execute and analyze suspicious files, detecting malware before it can cause harm. The other choices are either broader package names or use different remediation methods.
Question
The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.
Options
- ANext Generation Threat Prevention
- BNext Generation Threat Emulation
- CNext Generation Threat Extraction
- DNext Generation Firewall
How the community answered
(58 responses)- A3% (2)
- B86% (50)
- C3% (2)
- D7% (4)
Why each option
The Threat Emulation blade uses CPU-level and OS-level sandboxing to execute and analyze suspicious files, detecting malware before it can cause harm. The other choices are either broader package names or use different remediation methods.
Next Generation Threat Prevention is the umbrella package name encompassing multiple blades including Threat Emulation and Threat Extraction, not a sandboxing-specific technology.
Check Point Threat Emulation (part of the SandBlast solution) runs suspicious files in isolated CPU-level and OS-level sandbox environments to observe behavior and detect zero-day and unknown malware. This is distinct from Threat Extraction, which sanitizes files rather than sandboxing them, and Threat Prevention, which is the overarching package name rather than a specific sandboxing engine.
Next Generation Threat Extraction (CDR) removes potentially malicious active content from files and delivers clean reconstructed versions, rather than using sandboxing to detect malware.
Next Generation Firewall is a blade package providing application awareness, identity-based policy enforcement, and IPS, not CPU/OS-level sandboxing.
Concept tested: Check Point Threat Emulation sandboxing blade identification
Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics-TPAG/TE-Overview.htm
Topics
Community Discussion
No community discussion yet for this question.