AA- Day2

Question 1

Visibility with SPAN and DHCP

Answer 1

Question 2

Device Profile Library (DPL) & Device Classification Engine (DCE) Purpose

Answer 2

Question 3

Advanced Classification

Answer 3

Question 4

Advanced Criteria : Authentication Events

Answer 4

Question 5

Advanced Criteria: Events

Answer 5

Question 6

Advanced Criteria: Track changes

Answer 6

Question 7

Advanced Criteria: User Directory

Answer 7

Question 8

Advanced Criteria: Other Device Information 1

Answer 8

Question 9

Advanced Criteria: Other Device Information 2

Answer 9

Question 10

Quiz

Answer 10

Question 11

Criteria Logic

Answer 11

Question 12

Add to List

Answer 12

Question 13

Whitelisting and Blacklisting

Answer 13

Question 14

Commonly Misconfigured Criteria

Answer 14

Question 15

Scripts as Actions

Answer 15

Question 16

Reasons for Irresolvable Criteria

Answer 16

1. Non existent property for the endpoint

> Testing for a windows property on non-windows devices

> Looking for a property on an unmanaged device such as a security camera

2. Inability to access the endpoint due to

> Network issues

> Incorrect credentials

3. Endpoint is outside of the deployment’s IP Assignments
4. Endpoint is not part of the Internal Network

Question 17

Setting Counters

Answer 17

This Counters action is helpful for policy testing and enforcement

Example: On 1^st incident of matching AV not updated we send a notification. On the 2^nd incident of matching we block or quarantine the device.

Question 18

“ACtion” Scheduling

Answer 18

scheduling an action is useful when e.g. you run muliple scripts and you need to run them after each other and not all at the same time

Question 19

Key Policy Errors to Avoid

Answer 19

Question 20

Quiz

Answer 20

Question 21

Quiz

Answer 21

Question 22

FLEXX Lincesing Model

Answer 22

Question 23

Resilience and HA Licensing

Answer 23

Question 24

Options to transition to FLEXX Licensing

Answer 24

• Hardware Refresh
• Upgrade
• Migrate

Question 25

Upgrade Preperation (for Licensing to FLEXX migration)

Answer 25

Question 26

ForeScout Upgrade:

• From Gui
• From CLI

Answer 26

Question 27

Module Licensing when Upgrading

Answer 27

Question 28

Migrating to FLEXX licensing - Steps

Answer 28

Question 29

Quizz

Answer 29

Question 30

Quizz

Answer 30

Question 31

Extended Modules - Notes

Answer 31

Question 32

Available Module Categories

Answer 32

• Advanced Threat Protection (ATD)
• Endpoint Protection Platform (EPP)
• Mobile Device Management (MDM)
• Open Integration Module (OIM):data exchange
• Security Information and Event Management (SIEM)
• Vulnerability Management (VM)
• Privileged Access Management (PAM)
• IT SErvice Management (ITSM)
• Next Generation Firewall (NGFW)
• Client Management Tool (CMT)

Question 33

Extended Modules - Deployment steps (1)

Answer 33

Question 34

Extended Modules - Deployment steps (2)

Answer 34

Question 35

quizz

Answer 35

Question 36

Backups - System Components

Answer 36

Question 37

Backup - One Time

Answer 37

Question 38

Backups - Scheduled Automatic (1/3): Configure Backup Server

Answer 38

Question 39

Backups - Scheduled Automatic (2/3): Configure Encryption Password

Answer 39

Question 40

Backups - Scheduled Automatic (3/3): Set Schedule and back up parameters

Answer 40

Question 41

Backups - Restorin a System Backup

Answer 41

Question 42

Backup Restore - EM Component (1/2)

Answer 42

Question 43

Backup Restore - EM Component (2/2)

Answer 43