Trend Deep-Security-Professional Exam Practice Test Instant Access

Question 1

Recommendation scans can detect applications and/or vulnerabilities on servers on the network. Which of the following Protection Modules make use of Recommendation scans?

AFirewall, Application Control, and Integrity Monitoring

BIntrusion Prevention, Firewall, Integrity Monitoring and Log Inspection

CLog Inspection, Application Control, and Intrusion Prevention

DIntrusion Prevention, Integrity Monitoring, and Log Inspection

Answer : D

Recommendation Scans can suggest rules for the following Protection Modules:

* Intrusion Prevention

* Integrity Monitoring

* Log Inspection

Explication: Study Guide - page (161)

Question 2

Based on the policy configuration displayed in the exhibit, which of the following statements is true?

AChanges to any of the Deep Security policies will be send to the Deep Security Agents as soon as the changes are saved.

BAdministrators with access to the protected Server will be able to uninstall the Deep Security Agent through Windows Control Panel.

CDeep Security Agents will send event information to Deep Security Manager every 10 minutes.

DIf the Deep Security Manager does not receive a message from the Deep Security agent every 20 minutes, an alert will be raised.

Answer : B

Question 3

Which of the following statements is true regarding the Intrusion Prevention Protection Module?

AThe Intrusion Prevention Protection Module blocks or allows traffic based on header information within data packets.

BThe Intrusion Prevention Protection Module analyzes the payload within incoming and outgoing data packets to identify content that can signal an attack.

CThe Intrusion Prevention Protection Module can identify changes applied to protected objects, such as the Hosts file, or the Windows Registry.

DThe Intrusion Prevention Protection Module can prevent applications from executing, allowing an organization to block unallowed software.

Answer : B

deep-security-protection-modules

Question 4

Policies in Deep Security can include a Context value. Which of the following statements re-garding Context is correct?

AThe Context provides Deep Security Agents with location awareness and are associated with Anti-Malware and Web Reputation Rules.

BThe Context provides Deep Security Agents with location awareness and are associated with Firewall and Intrusion Prevention Rules.

CThe Context provides Deep Security Agents with location awareness and are associated with Web Reputation Rules only.

DThe Context provides Deep Security Agents with location awareness and are associated with Log Inspection and Integrity Monitoring Rules.

Answer : B

Contexts are designed to be associated with Firewall and Intrusion Prevention Rules. If the condi-tions defined in the Context associated with a rule are met, the rule is applied. To link a security rule to a Context, go to the Options tab in the Properties window for the rule and select the Context from the menu.

Explication: Study Guide - page (165)

Question 5

Which of the following statements is false regarding the Log Inspection Protection Module?

ACustom Log Inspections rules can be created using the Open Source Security (OSSEC) standard.

BDeep Security Manager collects Log Inspection Events from Deep Security Agents at every heartbeat.

CThe Log Inspection Protection Module is supported in both agent-based and agentless environments.

DScan for Recommendations identifies Log Inspection rules that Deep Security should implement.

Answer : C

Log Inspection requires running some analysis on the computer and is not supported in Agentless deployments.

Explication: Study Guide - page (310)

Question 6

Which of the following statements is true regarding Event Tagging?

AAdding a tag to an Event modifies the Event data by adding fields, including the name of the tag, the date the tag was applied, and whether the tag was applied manually or automatically

BOnly a single tag can be assigned to an Event.

CEvents can be tagged automatically if they are similar to known good Events.

DEvents can be automatically deleted based on tags.

Answer : C

Question 7

Which of the following operations makes use of the Intrusion Prevention Protection Module?

AIntegrity scans

BPort scans

CApplication traffic control

DStateful traffic analysis

Answer : D

Trend Micro Certified Professional for Deep Security Exam Practice Test