NETSEC-GENERALIST Question #30: Real Exam Question with Answer & Explanation
The correct answer is B: Enable SSL decryption in Security policies to inspect and analyze encrypted traffic for threats.
Question
Which step is necessary to ensure an organization is using the inline cloud analysis features in its Advanced Threat Prevention subscription?
Options
- A. Configure Advanced Threat Prevention profiles with default settings and only focus on high-risk
- B. Enable SSL decryption in Security policies to inspect and analyze encrypted traffic for threats.
- C. Update or create a new anti-spyware security profile and enable the appropriate local deep -
- D. Disable anti-spyware to avoid performance impacts and rely solely on external threat intelligence.
Explanation
The inline cloud analysis feature in the Advanced Threat Prevention subscription enables real-time threat detection using machine learning (ML) and deep-learning models. However, for it to be effective, the firewall must decrypt encrypted traffic to analyze potential threats hidden within TLS/SSL connections.
Why SSL decryption is necessary:
- Threat actors often hide malware and exploits in encrypted traffic.
- Without SSL decryption, inline cloud analysis cannot inspect encrypted threats.
- Decryption allows full visibility into traffic for inline deep-learning threat detection.