Which Check Point software blade provides protection from zero-day and undiscovered threats?
A.
Firewall
B.
Threat Emulation
C.
Application Control
D.
Threat Extraction
Explanation:
SandBlast Threat Emulation
As part of the Next Generation Threat Extraction software bundle (NGTX), the SandBlast Threat
Emulation capability prevents infections from undiscovered exploits zero-day and targeted attacks. This
innovative solution quickly inspects files and runs them in a virtual sandbox to discover malicious behavior.
Discovered malware is prevented from entering the network.
https://www.checkpoint.com/products/next-generation-threat-prevention/
The correct answer is B
Why not option D? If the system cleans the doc (for example a .xlsm with malicious macro code)it protects you from a zero-day attack and a undiscover
Because, TX just change the format without analysis, and it supports just a few formats. TE as the question says, provides protection from undiscovr threats, it protects also when the archive is another not supported on TX, like Flash archives.
I agree. “B.
Threat Emulation”
D is the correct
B is correct
The correct answer is B
As part of the Next Generation Threat Prevention & SandBlast™ software bundle (NGTX), the SandBlast Threat Emulation capability prevents infections from undiscovered exploits zero-day and targeted attacks.
B is the correct answer. NGTX (Next Gen Threat Extraction) is the software blade PACKAGE that includes the Threat Emulation software blade. So if you are asked for the software blade package, it is NGTX, and if asked for the software blade, it is Threat Emulation.
Confirmed from CCSA Exam
Threat Emulation – Protection against infections from undiscovered exploits, zero-day and targeted attacks.