Where is the File Fetch context menu option available?
anywhere a filename or SHA-256 hash is displayed
only from the Filter Event View page
from the Audit Event page
from the configuration in the Business Defaults page
Which set of actions would you take to create a simple custom detection?
Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
Upload a packet capture; use a Snort rule; use a ClamAV rule.
Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
Input the file and file name.
How does application blocking enhance security?
It identifies and logs usage.
It tracks application abuse.
It deletes identified applications.
It blocks vulnerable applications from running, until they are patched.
What do policies enable you to do?
specify a custom whitelist
specify group membership
specify hosts to include in reports
specify which events to view