Knowledge takes up no space, and to that end, obtaining the SentinelOne Partner Sales Accreditation 101 credential.
Let's look at an introduction and a sample exam.
Where is SentinelOne agent software managed? (Select all that apply)
1) Cloud
2) On-prem
3) Hybrid
4) Local
SentinelOne complies with the General Data Protection Regulation (GDPR) European privacy standard?
1) True
2) False
SentinelOne products are designed to do which of the following? (Select all that apply)
1) Stop previously unknown attacks
2) Replace legacy AV *
3) Enterprise-grade threat hunting
4) DLP
SentinelOne is a full AV replacement technology
1) True
2) False
SentinelOne agents require cloud connectivity in order to detect malicious files or behaviors.
1) True
2) False
What makes SentinelOne unique when compared to other cloud-based next-generation offerings? (Select all that apply)
1) SentinelOne is cloud-based
2) SentinelOne has unique response actions.
3) Active EDR
4) SentinelOne agents are fully autonomous
SentinelOne offers follow the sun support?
1) True
2) False
SentinelOne is the convergence of what 2 technologies?
1) EPP and EDR
2) EDR and SOC
3) SOC and GDPR
S-1 is like putting a ______ on your endpoint
1) AV
2) SOC
3) wall
The S1 Product that is AV replacement
1) Core
2) Control
3) Complete
The S1 product that adds and offers Device and EP Firewall control
1) Core
2) Control
3) Complete
The S1 product that offers Deep Visibility and Threat Hunting
1) Core
2) Control
3) Complete
Which S1 Product is best suited for SOC environments?
1) Core
2) Control
3) Complete
SentinelOne offers a Govcloud option for customers that do business with the U.S. federal government and that must adhere to North American soil data management standards?
1) True
2) False
What is the oldest operating system SentinelOne has an agent for?
1) Windows Server 2008 R2
2) Windows 10
3) Windows 7 SP1
4) Windows XP SP3
The S1 product analyzes PE, PDFs and Office Docs before they run in memory. If it shows unusual characteristics, what occurs?
1) The file is Quarantined
2) The file is deleted
3) The file is Remediated Immediately
4) Do nothing
By using ActiveEDR, how do we track system behavior? (Select all that apply)
1) Looking for lateral movement
2) Looking for Fileless Exploits
3) Looking for bad scripts
4) Remote connections
When S1 responds to a threat, what options are available? (Select all that apply)
1) Kill – Quarantine
2) Cleanup – Rollback
3) Disconnect – Remote Shell
4) Delete file – Send console message to endpoint
What term is used in S1 for ActiveEDR Advanced/Threat Hunting functionality?
1) Behavioral AI
2) Deep Visibility
3) Static AI
4) Detection
By default, how long do we store benign data that can be used for Threat Hunting analysis?
1) 30 Days
2) 60 Days
3) 90 Days
4) 120 Days
What is the goal of Threat Hunting?
1) Locate a threat that was not identified
2) Contain the threat
3) Remediate the threat
4) All of the above
Threat Hunting is carried out in which S1 view?
1) Network
2) Analyze
3) Visibility
4) Activity
S1 can be set to automatically Kill & Quarantine threats?
1) True
2) False
What are the two Policy Mode options? (Select all that apply)
1) Observe
2) Detect
3) Protect
4) Block
What option allows for the recovery of Ransomware encrypted files?
1) Restore
2) Rollback
3) Unencrypt
4) Remediate
The admin can block USB and Bluetooth functionality on endpoints?
1) True
2) False
Which trait is not part of the S1 package?
1) Fast Recovery
2) Agent Consolidation
3) API Integration
4) All are part of S1
In which S1 view can you get an overview of threats?
1) Network
2) Visibility
3) Analyze
4) Dashboard
What are the biggest threats to organizations?
1) Activists
2) Cyber Criminals
3) State Sponsored Actors
4) All of the above
What is the best way to protect your organization?
1) Have a good firewall
2) Have good visibility into your network
3) Have a good IDS
4) All of the above
S1 can detect which type of attacks? (Select all that apply)
1) PowerShell attacks
2) Malware
3) Brute Force
4) Exploits