An administrator just submitted a newly found piece of spyware for WildFire analysis. The spyware passively monitors behavior without the user's knowledge. What is the expected verdict from WildFire?
D. Grayware.
Although this *is* an example of spyware, that is not one of the four possible WildFire verdicts. From Palo Alto, "Grayware typically includes adware, spyware, and Browser Helper Objects (BHOs)."
https://docs.paloaltonetworks.com/wildfire/9-1/wildfire-admin/wildfire-overview/wildfire-concepts/verdicts.html
Grayware—The sample does not pose a direct security threat, but might display otherwise obtrusive behavior. Grayware typically includes adware, spyware, and Browser Helper Objects (BHOs).
Answer is GRAYWARE. The question is specifically asking for "VERDICT".
There is NO verdict called "SPYWARE". "Spyware" is included within the "Grayware" Verdict. See Below.
Benign: Indicates that the entry received a WildFire analysis verdict of benign. Files categorized as benign are safe and do not exhibit malicious behavior.
Grayware: Indicates that the entry received a WildFire analysis verdict of grayware. Files categorized as grayware do not pose a direct security threat but might display otherwise obtrusive behavior. Grayware can include adware, spyware, and Browser Helper Objects (BHOs).
Phishing: Indicates that WildFire assigned a link and analysis verdict of phishing. A phishing verdict indicates that the site to which the link directs users displayed credential phishing activity.
Malicious: Indicates that the entry received a WildFire analysis verdict of malicious. Samples categorized as malicious can pose a security threat. Malware can include viruses, C2 (command-and-control), worms, Trojans, Remote Access Tools (RATs), rootkits, and botnets. For samples that are identified as malware, the WildFire cloud generates and distributes a signature to prevent against future exposure.
bartbernini Highly Voted 11 months, 2 weeks ago
B. Grayware.
Answer is B