The FireAMP connector supports which proxy type?
SOCKS6
HTTP_proxy
SOCKS5_filename
SOCKS7
Which set of actions would you take to create a simple custom detection?
Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
Upload a packet capture; use a Snort rule; use a ClamAV rule.
Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
Input the file and file name.
When discussing the FireAMP product, which term does the acronym DFC represent?
It means Detected Forensic Cause.
It means Duplicate File Contents.
It means Device Flow Correlation.
It is not an acronym that is associated with the FireAMP product.
Where is the File Fetch context menu option available?
anywhere a filename or SHA-256 hash is displayed
only from the Filter Event View page
from the Audit Event page
from the configuration in the Business Defaults page
TESTED 19 Apr 2024