Content-ID feature - includes a threat prevention engine and policies to inspect and control content traversing the firewall
Security Profiles - objects that are added to security policy rules configured with an action of "allow"; they represent additional security checks to be performed on allowed network traffic
Antivirus Profile - detects infected files being transferred with the application
Anti-spyware profile - detects spyware downloads and traffic from already installed spyware
Vulnerability Protection profile - detects attempts to exploit known software vulnerabilities
URL Filtering profile - classifies and controls web browsing based on content
File Blocking profile - tracks and blocks file uploads and downloads based on file type and application
Data Filtering Policy - identifies and blocks transfer of specific data patterns found in network traffic
WildFire Analysis policy - forwards unknown files to the WildFire service for malware analysis
Security Profile Group - set of security profiles treated as one unit to simplify adding multiple security profiles to a security policy rule
Threat Log - records antivirus, anti-spyware, and vulnerability threats discovered by Security Profiles
Pre-defined Vulnerability Protection Profiles -
default: applies default action to all client and server critical, high-severity, and medium-severity events. Typically used for proof of concept or first-phase deployments
strict: applies "reset-both" response to all client and server critical, high-severity, and medium-severity events and uses default action for all client and server informational and low events. Used for out-of-the-box protection with recommended block of critical, high, and medium threats
Vulnerability Exceptions - can override a rule's default action responses for one or more threat signatures or IP addresses
Default Antivirus Security Profile - out-of-the-box profile, read-only.
Default action is set according to the different protocols used by applications to transfer files.
WildFire action is configured based on signatures delivered by WildFire.
"alert" action allows network traffic but creates an entry in the threat log. "reset-both" resets the TCP connection between server and client or drops UDP packets.
SMTP 541 error message - sent by firewall as part of the "alert" action when a virus is detected. Tells the mail server not to retry sending the message
Virus exceptions - created to handle false positives. The threat ID is added to the virus exception tab