Trend Micro and TippingPoint Introduction

Questions and Answers

What is the purpose of the Reputation Feed?

• To extract private keys from the network flow
• To update the Malware Filter Package
• To monitor and block inbound and outbound communications with known malicious and undesirable IP addresses and domain names (correct)
• To detect infected hosts communicating in the network

What is the function of DGA Defense filters?

• To protect against known malware families and suspicious domain names generated by unknown malware families (correct)
• To extract private keys from the network flow
• To detect infected hosts communicating in the network
• To update the Malware Filter Package

How often is the Malware Filter Package updated?

• Monthly
• Hourly
• Daily
• Weekly (correct)

What type of mail traffic does ThreatDV Reputation Feed Context Awareness block?

Mail traffic containing phishing attack techniques (A)

What information does ThreatDV provide through security intelligence feeds?

Malware sites, Phishing sites, Compromised hosts, Botnet and spammers information (A)

What does Ransomware filters utilize a 'trace' action set to do?

Extract a private key from the network flow to restore encrypted files (A)

What is the primary purpose of the Malware Filter Package?

To protect against known malware families and suspicious domain names generated by unknown malware families (A)

What does ThreatDV's Content Awareness aim to detect in mail traffic?

Phishing attack techniques (A)

What is the purpose of TippingPoint Block?

To prevent drive-by downloads of malware from known malware depots (D)

What is the function of a fully qualified domain name (FQDN)?

To identify domain levels including top-level domain and root zone (D)

What does the TippingPoint Reputation Digital Vaccine Service (Rep DV) provide?

IPv4, IPv6, and Domain Name System (DNS) security intelligence feeds (B)

How often is the TippingPoint Reputation Digital Vaccine Service (Rep DV) updated?

~2 hours daily (C)

What does the TippingPoint IPS Platform act as in the security infrastructure?

An enforcement point inspecting traffic in real-time and enforcing Rep DV security policies (A)

What does the TippingPoint Reputation Digital Vaccine Service (Rep DV) assign to each known 'bad' domain name?

A threat score from 0 to 100 (A)

What do customers use to actively enforce and manage reputation security policies?

TippingPoint Intrusion Prevention System (IPS) Platform (B)

What is the purpose of blocking sites that use fast-fluxing IP addresses?

To prevent attackers from rapidly changing their server locations (A)

What is the main focus of the ZDI program?

Informing protection updates for customers (C)

What is the primary expertise of the Trend Micro Security Labs research team?

Malware and exploit analysis (D)

How does Trend Micro invest in protecting its customers from threats tomorrow?

By continually innovating the approach to security (A)

What is the role of the ZDI program in relation to Trend Micro?

To help protect customers from vulnerabilities in advance of public disclosure (A)

What is the significance of Microsoft Vulnerability Acknowledgments Since 2006*?

Informing protection updates for Trend Micro's customers (C)

What is the primary benefit to Trend Micro's customers, according to the text?

Investment in people and technology for security innovation (D)

How does the Trend Micro Security Labs team extend its visibility and expertise?

By specializing in malware and exploit analysis (D)