A company discovers through the agent health display in ESM Console that a certain Traps agent is not communicating with ESM Server. Administrators suspect that the problem relates to TLS/SSL. Which troubleshooting step determines if this is an SSL issue?
A. From the agent run the command: telnet (hostname) (port)
B. Check that the Traps service is running
C. From the agent run the command: ping (hostname)
D. Browse to the ESM hostname from the affected agent
An administrator can check which two indicators to verity that Traps for Mac is running correctly on an installed endpoint? (Choose two.)
A. Use cytool from the command line interface to display the running Traps agent services.
B. In the Activity Monitor, verify that CyveraSecvice is running
C. Ping other Traps agents from the macOS agent
D. Verity that the Traps agent icon is displayed on the macOS finder bar.
Once an administrator has successfully instated a Content Update, how is the Content Update applied to endpoint?
A. After Installation on the ESM, an Agent License renewal is required in order to trigger relevant updates.
B. After installation on the ESM, relevant updates occur at the next Heartbeat communication from each endpoint.
C. Installation of a Content Update triggers a proactive push of the update by the ESM server to all endpoints with licensed Traps Agents within the Domain.
D. The Traps Agent must be reinstalled on the endpoint in order to apply the content update. Existing Agents will not be able to take advantage of content updates.
An administrator receives a number of email alerts indicating WildFire has prevented a malicious activity. All the prevention events refer to launching an Install Wizard that has received a benign verdict from WildFire. All prevention events are reported on a subset of endpoints, that have recently been migrated Mom another Traps deployment. Which two troubleshooting actions are relevant to this investigation? (Choose two.)
A. Check that the servers xml file has been cleared on the migrated endpoints.
B. Check that the ClientInfoHash tag has been cleared on the migrated endpoints.
C. Check that the actions xml file has not been cleared on the migrated endpoints.
D. Check that the WildFire cache has been cleared on the migrated endpoints.
The administrator has downloaded the Traps_macOS_4.x.x.zip file. What are the next steps needed to successfully install the Traps 4.x for macOS agent?
A. Push the Traps_macOS_4.x.x.zip to the target endpoint(s), unzip it, and execute Traps.pkg
B. Unzip the Traps_macOS_4.x.x.zip, push the Traps pkg file to the target endpoint(s) and execute Traps.pkg
C. Create a one time action to install the Traps_macOS_4.x.x.zip file on the target endpoint(s)
D. Create an installation package using Traps_macOS_4.x.x on ESM, download the installationpackage.zip, push the installationpackage.zip to target endpoint(s), unzip it, and execute Traps.pkg
When planning to test a software exploit using a Metasploit module, what two options should be considered about the victim host to ensure success?
A. USB port version of the victim host
B. Speed and make of the victim's RAM
C. software version of the target application
D. platform, architecture, and patch level of the victim host
An administrator receives an alert indicating the ESM service is not starting on the ESM Server. When the
administrator tries to start the service manually, the administrator receives an error. "The Endpoint Security
Manager service on Local Computer started and then stopped."
What is the cause of the failure?
A. The Account assigned to the service does not have "Log on as a batch job" permissions on the machine.
B. The Account assigned to the service does not have "Log on as a service" permissions on the machine.
C. The Account assigned to the service is not the Local Administrator on the machine.
D. The Account assigned to the service is not an Active Directory Domain user.
An administrator is concerned about rogue installs of Internet Explorer. Which policy can be created to assure that Internet Explorer can only run from the \Program Files \Internet Explorer \directory?
A. An execution path policy to blacklist iexplore.exe, and whitelist entry for %programfiles%\iexplore.exe
B. An execution path policy to blacklist *\iexplore.exe. Trusted signers will allow the default iexplore.exe
C. A whitelist of *\iexplore.exe with an execution path restriction, and a blackfirst of %system% \iexplore.exe
D. An execution path policy to blacklist *\iexplore.exe, and a whitelist entry for %programfiles%\Internet Explorer\iexplore.exe
Assume a Child Process Protection rule exists for powershell.exe in Traps v 4.0. Among the items on the blacklist is ipconfig.exe. How can an administrator permit powershell.exe to execute ipconfig.exe without altering the rest of the blacklist?
A. add ipconfig.exe to the Global Child Processes Whitelist, under Restriction settings.
B. Uninstall and reinstall the traps agent.
C. Create a second Child Process Protection rule for powershell.exe to whitelist ipconfig.exe.
D. Remove ipconfig.exe from the rule's blacklist.
In a scenario where winword.exe, Microsoft Word application, is behaving abnormally, how would the administrator verify if Traps DLLs are injected to the process?
A. Run 'cytool policy winword.exe
B. Use Process Explore to find Traps DLLs injected to the process
C. Open the add-ins tab in Word's options to find Traps add-in
D. Use 'Ninja mode' in the policy editing screen in the ESM to find winword.exe
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PSE-ENDPOINT exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.