WatchGuard Endpoint Security Essentials - Endpoint Security Essentials Exam
Total 41 questions
Question #1 (Topic: Exam A)
Antivirus uses a combination of signature files and heuristics to prevent unknown threats from exploiting trusted processes that run in memory.
A. True
B. False
Answer: A
Question #2 (Topic: Exam A)
What is considered the weakest security point of a corporate network?
A. Firewall configuration errors
B. Physical hardware security devices
C. The network perimeter
D. Software as a Service
E. Users
Answer: E
Question #3 (Topic: Exam A)
What is the main reason why fileless malware is so dangerous?
A. Because this type of malware encrypts the user drive.
B. Because this type of malware executes administrator privileges to run commands.
C. Because this type of malware can exploit trusted processes in memory to remain undetected.
D. Because this type of malware takes advantage of unpatched vulnerabilities on an endpoint.
E. Because this type of malware uses macros to disguise itself and compromise the endpoint.
Answer: C
Question #4 (Topic: Exam A)
What can you do to defend against Living off the Land (LotL) attacks? (Choose two.)
A. Remove potentially dangerous applications from commonly used gold images.
B. Restrict applications users can access.
C. Disable User Access Control (UAC) on Windows endpoints.
D. Keep antivirus signatures current.
E. Disable the Windows Event Log service.
Answer: AB
Question #5 (Topic: Exam A)
From the list below, select two basic functions of an endpoint detection and response model. (Choose two.)
A. Signature files are used to identify known threats.
B. Out-of-date software is automatically updated.
C. Unknown processes are allowed to run to reduce latency.
D. Each process that runs on an endpoint is monitored.
E. Telemetry events, such as registry edits and file modifications, are sent for analysis.
Answer: DE