nerdexam
Check_Point

156-215.80 · Question #510

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

The correct answer is B. Next Generation Threat Emulation. The Threat Emulation blade uses CPU-level and OS-level sandboxing to execute and analyze suspicious files, detecting malware before it can cause harm. The other choices are either broader package names or use different remediation methods.

Introduction to Check Point Technology

Question

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

Options

  • ANext Generation Threat Prevention
  • BNext Generation Threat Emulation
  • CNext Generation Threat Extraction
  • DNext Generation Firewall

How the community answered

(58 responses)
  • A
    3% (2)
  • B
    86% (50)
  • C
    3% (2)
  • D
    7% (4)

Why each option

The Threat Emulation blade uses CPU-level and OS-level sandboxing to execute and analyze suspicious files, detecting malware before it can cause harm. The other choices are either broader package names or use different remediation methods.

ANext Generation Threat Prevention

Next Generation Threat Prevention is the umbrella package name encompassing multiple blades including Threat Emulation and Threat Extraction, not a sandboxing-specific technology.

BNext Generation Threat EmulationCorrect

Check Point Threat Emulation (part of the SandBlast solution) runs suspicious files in isolated CPU-level and OS-level sandbox environments to observe behavior and detect zero-day and unknown malware. This is distinct from Threat Extraction, which sanitizes files rather than sandboxing them, and Threat Prevention, which is the overarching package name rather than a specific sandboxing engine.

CNext Generation Threat Extraction

Next Generation Threat Extraction (CDR) removes potentially malicious active content from files and delivers clean reconstructed versions, rather than using sandboxing to detect malware.

DNext Generation Firewall

Next Generation Firewall is a blade package providing application awareness, identity-based policy enforcement, and IPS, not CPU/OS-level sandboxing.

Concept tested: Check Point Threat Emulation sandboxing blade identification

Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics-TPAG/TE-Overview.htm

Topics

#threat emulation#sandboxing#malware detection#software blade

Community Discussion

No community discussion yet for this question.

Full 156-215.80 Practice