An administrator just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user's knowledge. What is the expected verdict from WildFire?
D. Grayware.
Although this *is* an example of spyware, that is not one of the four possible WildFire verdicts. From Palo Alto, "Grayware typically includes adware, spyware, and Browser Helper Objects (BHOs)."
https://docs.paloaltonetworks.com/wildfire/9-1/wildfire-admin/wildfire-overview/wildfire-concepts/verdicts.html
Grayware
—The sample does not pose a direct security threat, but might display otherwise obtrusive behavior. Grayware typically includes adware, spyware, and Browser Helper Objects (BHOs).
Answer is GRAYWARE. The question is specifically asking for "VERDICT".
There is NO verdict called "SPYWARE". "Spyware" is included within the "Grayware" Verdict. See Below.
Benign Indicates that the entry received a WildFire analysis verdict of benign. Files categorized as
benign are safe and do not exhibit malicious behavior.
Grayware Indicates that the entry received a WildFire analysis verdict of grayware. Files categorized
as grayware do not pose a direct security threat but might display otherwise obtrusive
behavior. Grayware can include adware, spyware, and Browser Helper Objects (BHOs).
Phishing Indicates that WildFire assigned a link and analysis verdict of phishing. A phishing verdict
indicates that the site to which the link directs users displayed credential phishing activity.
Malicious Indicates that the entry received a WildFire analysis verdict of malicious. Samples
categorized as malicious can pose a security threat. Malware can include viruses, C2
(command-and-control), worms, Trojans, Remote Access Tools (RATs), rootkits, and
botnets. For samples that are identified as malware, the WildFire cloud generates and
distributes a signature to prevent against future exposure.
bartbernini Highly Voted 11 months, 2 weeks ago
<correction>B</correction> Grayware.
Although this *is* an example of spyware, that is not one of the four possible WildFire verdicts. From Palo Alto, "Grayware typically includes adware, spyware, and Browser Helper Objects (BHOs)."
https://docs.paloaltonetworks.com/wildfire/9-1/wildfire-admin/wildfire-overview/wildfire-concepts/verdicts.html
Answer is B
Grayware
—The sample does not pose a direct security threat, but might display otherwise obtrusive behavior. Grayware typically includes adware, spyware, and Browser Helper Objects (BHOs).
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
bartbernini
Highly Voted 3 years, 2 months agoChris71Mach1
2 years, 2 months agoeyelasers1
3 years, 1 month agoDjonzi
Most Recent 3 weeks, 3 days agoc50196d
3 weeks, 6 days agoapiloran
8 months, 3 weeks agoapiloran
8 months, 3 weeks agohcir
9 months, 3 weeks agoweze1336
10 months, 1 week agoweze1336
10 months, 1 week ago0d2fdfa
10 months, 3 weeks ago123XYZT
11 months ago123XYZT
11 months agoLoloshikovichev
11 months, 1 week agoMarshpillowz
1 year, 2 months agoMarshpillowz
1 year, 2 months agoSammy3637
1 year, 3 months agogully300
2 years, 2 months agoawtsuritacuna
2 years, 4 months ago