Lesson 8: Quarantine Functionality and Concepts

What should be selected for the flow control when creating a new Quarantine action set?

Quarantine

What should the thresholds be set to for immediate block in Quarantine settings?

1 and 1

For what purpose can TCP Reset be used as part of Quarantine Actions?

For SMTP virus filters

Which profile will be used to test the newly created Quarantine action set?

DMZ Profile Signup and view all the answers

When can a host appear in the Quarantined Hosts table?

When it triggers a specific filter Signup and view all the answers

What is recommended to use quarantine for?

Unusual user activity Signup and view all the answers

What is the purpose of setting automatic timeout in quarantine?

To release quarantined hosts after a certain period Signup and view all the answers

Where would a blocked stream be generated when an Action Set is configured for Block + Quarantine and a threshold is not set?

In the Quarantined Hosts table Signup and view all the answers

What is one of the main functions of Spyware Filters?

Immediately block malicious traffic Signup and view all the answers

When does Quarantine occur, according to the lesson?

After excessive filter hits Signup and view all the answers

What can be configured to occur at a user-defined threshold?

Quarantine actions Signup and view all the answers

What action can be taken before the threshold is triggered?

Display a Quarantine web page Signup and view all the answers

What is one consideration when configuring Quarantine for web requests?

Display the Quarantine Block page Signup and view all the answers

What is one way hosts can be released from Quarantine?

Redirect web requests to an external server Signup and view all the answers

What should be done with other non-web traffic, according to the lesson?

Block other non-web traffic Signup and view all the answers

What can be reached by hosts in Quarantine?

Addresses which can be reached by quarantined hosts Signup and view all the answers

What is the main function of TippingPoint Quarantine?

Preventing insider threats and walk-in worms Signup and view all the answers

How does Quarantine work with the source IP address in the packets?

It adds the source IP to the Quarantine list Signup and view all the answers

When can Blocking Quarantine be used?

To prevent an infected machine from spreading worms Signup and view all the answers

What does Quarantine communicate with switching infrastructures to do?

Isolate offending endpoints with remediation VLANs Signup and view all the answers

How does Blocking Quarantine help inform the user?

By informing the user that something has gone wrong Signup and view all the answers

What type of threats does TippingPoint Quarantine primarily aim to block?

Insider threats and walk-in worms Signup and view all the answers

In what situation can Quarantine be used to prevent network infection?

When an infected machine is spreading worms Signup and view all the answers

What does TippingPoint Quarantine do with the source IP in the packets it inspects?

Adds it to the Quarantine list Signup and view all the answers