A user is unknowingly about to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the client's system.
In which order must the threat pass through the feature sets to successfully infect the system?
When a user attempts to connect to a malicious website and download a known threat, the threat passes through SEP's Firewall, Intrusion Prevention System (IPS), and Download Insight in that order. This layered approach helps prevent threats at different stages of the attack chain.
Threat Path Through SEP Protection Features:
Firewall: Blocks or allows network connections based on policy, filtering initial traffic to potentially dangerous sites.
IPS: Monitors and blocks known patterns of malicious activity, such as suspicious URLs or network behavior, providing another layer of defense.
Download Insight: Analyzes file reputation and blocks known malicious files based on reputation data, which is especially effective for files within archives such as .rar.
Why This Order is Effective:
Each layer serves as a checkpoint: the Firewall controls network access, IPS scans for malicious traffic, and Download Insight assesses files for risk upon download, ensuring thorough protection.
Why Other Orders Are Incorrect:
Options with Download Insight or IPS preceding the Firewall do not match SEP's operational order of defense.