Trend Deep-Security-Professional Exam Practice Test Instant Access

Question 1

The maximum disk space limit for the Identified Files folder is reached. What is the expected Deep Security Agent behavior in this scenario?

AAny existing files are in the folder are compressed and forwarded to Deep Security Manager to free up disk space.

BDeep Security Agents will delete any files that have been in the folder for more than 60 days.

CFiles will no longer be able to be quarantined. Any new files due to be quarantined will be deleted instead.

DDeep Security Agents will delete the oldest files in this folder until 20% of the allocated space is available.

Answer : D

If the limit is reached, the oldest files will be deleted first until 20% of allocated space is freed up.

Explication: Study Guide - page (203)

Question 2

Which of the following operations makes use of the Intrusion Prevention Protection Module?

AIntegrity scans

BPort scans

CApplication traffic control

DStateful traffic analysis

Answer : D

Question 3

Which of the following VMware components is not required to enable agentless protection using Deep Security.

AVMware NSX

BVMware ESXi

CVMware vRealize

DVMware vCenter

Answer : C

Integrate with VMware vRealize Operations Manager

Question 4

What is the purpose of the Deep Security Notifier?

AThe Deep Security Notifier is a application in the Windows System Tray that displays the Status of Deep Security Manager during policy and software updates.

BThe Deep Security Notifier is a server components that collects log entries from man-aged computers for delivery to a configured SIEM device.

CThe Deep Security Notifier is a server component used in agentless configurations to allow Deep Security Manager to notify managed computers of pending updates.

DThe Deep Security Notifier is a application in the Windows System Tray that com-municates the state of Deep Security Agents and Relays to endpoint computers.

Answer : D

The Deep Security Notifier is a Windows System Tray application which provides local notification when malware is detected or malicious URLs are blocked.

It may be installed separately on protected virtual machines, however the Anti-Malware Protection Module must be licensed and enabled on the virtual machine for the Deep Security Notifier to display information.

The Notifier displays pop-up user notifications when the Anti-Malware module begins a scan, or blocks malware or access to malicious web pages. The Notifier also provides a console utility that allows the user to view events.

Explication: Study Guide - page (442)

Question 5

Which of the following is not an operation that is performed when network traffic is intercepted by the network driver on the Deep Security Agent?

AAnalyze the packet within the context of traffic history and connection state.

BCompare the data in the packet against the Anti-Malware Scan Configuration to verify whether any of the data related to files and folders on the Exclusion list.

CVerify the integrity of the packet to insure the packet is suitable for analysis.

DVerify the packet is not part of a reconnaissance scan used to discover weaknesses on the Deep Security Agent host computer.

Answer : B

Question 6

How does Smart Scan vary from conventional pattern-based anti-malware scanning?

ASmart Scan improves the capture rate for malware scanning by sending features of suspicious files to an cloud-based server where the features are compared to known malware samples.

BSmart Scan shifts much of the malware scanning functionality to an external Smart Protection Server.

CSmart Scan is performed in real time, where conventional scanning must be triggered manually, or run on a schedule.

DSmart Scan identifies files to be scanned based on the content of the file, not the exten-sion.

Answer : B

Advantages of the Smart Scan pattern over the conventional pattern protection in OfficeScan (OSCE)

Question 7

Multi-tenancy is enabled in Deep Security and new tenants are created. Where does the new tenant data get stored when using SQL Server as the Deep Security database?

AThe new tenant data is added to the existing SQL Server database.

BAn additional table is created for each new tenant in the existing database in the SQL Server database to store its data.

CAn additional database is created in SQL Server for each new tenant to store its data.

DAn additional user is created for each new tenant in the SQL Server database to store its data.

Answer : C

With Microsoft SQL and PostgreSQL, there's one main database and an additional database for each tenant. With Oracle, all tenant information is in one Deep Security Manager database, but an additional user is created for each tenant. Each user has its own tables.

Explication: Study Guide - page (409)

Trend Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Practice Test