Which of the following describes how Threat Extraction functions?
A. Detect threats and provides a detailed report of discovered threats.
B. Proactively detects threats.
C. Delivers file with original content.
D. Delivers PDF versions of original files with active content removed.
D is correct. CCSE Page 626 , there is a table.
A few important points on Threat Extraction:
This technology offers two modes of operation:
‘Clean’ delivers files in their original formats while removing active content such as scripts. For instance, a PowerPoint presentation will be delivered as a PowerPoint presentation.
‘Convert’ transforms files into PDF – it’s a more aggressive transformation, and though the user experience is not as smooth as with Clean mode, virtually no malware can survive this transformation.
So you have a the classic tradeoff here between security and user-experience
Answer D is correct
I know this one is the annoying one, but D is correct (insert from the official Study guide):
Threat Extraction:
Preemptively removes possible malicious content
Always delivers a file
Works on MS office and PDF files
Delivers PDF version of original file or original format with active content remove
Takes less than a second to complete
Assumes that all active content is potentially malicious
Disables any active functionality in documents regardless of intent.
With all of this I think it’s pretty safe to assume D is correct answer.
D is correct, for me. Don’t think that Threat Extraction detects anything, it just removing active content.