Trend Deep-Security-Professional Exam Practice Test Instant Access

Question 1

How is scan caching used in agentless implementations of Deep Security?

AScan caching maintains the Inclusions and Exclusions lists from the Malware Scan Configuration in memory to improve performance.

BScan caching manages resource usage by staggering the launch of malware scans to prevent scan storms

CScan caching is used in Agent-based installations only and is not supported in an agentless implementation.

DScan caching enhances the performance of the Deep Security Virtual Appliance in that files scanned for malware on a virtual machine that appear on other virtual machines may not need to be scanned again.

Answer : D

Question 2

The Intrusion Prevention Protection Module is enabled and a Recommendation Scan is run to identify vulnerabilities on a Windows Server 2016 computer. How can you insure that the list of recommendations is always kept up to date?

ADisabling, then re-enabling the Intrusion Prevention Protection Module will trigger a new Recommendation Scan to be run. New rules will be included in the results of this new scan.

BRecommendation Scans are only able to suggest Intrusion Prevention rules when the Protection Module is initially enabled.

CEnable 'Ongoing Scans' to run a recommendation scan on a regular basis. This will identify new Intrusion Prevention rules to be applied.

DNew rules are configured to be automatically sent to Deep Security Agents when Rec-ommendation Scans are run.

Answer : C

Question 3

A Deep Security administrator wishes to monitor a Windows SQL Server database and be alerted of any critical events which may occur on that server. How can this be achieved using Deep Security?

AThe administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Integrity Monitoring Protection Module. A rule can be assigned to monitor the Windows SQL Server for any modifications to the server, with Alerts enabled.

BThe administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Log Inspection Protection Module. A rule can be assigned to monitor the Windows SQL Server for any critical events, with Alerts enabled.

CThe administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Intrusion Prevention Protection Module. A Recommendation Scan can be run and any suggested rule can be assigned to monitor the Windows SQL Server for any vulnerabilities, with Alerts enabled.

DThis can not be achieved using Deep Security. Instead, the administrator could set up log forwarding within Window SQL Server 2016 and the administrator could monitor the logs within the syslog device.

Answer : B

Question 4

As the administrator in a multi-tenant environment, you would like to monitor the usage of security services by tenants? Which of the following are valid methods for monitoring the usage of the system by the tenants?

AGenerate a Chargeback report in Deep Security manager Web console.

BAll the choices listed here are valid.

CUse the Representational State Transfer (REST) API to collect usage data from the tenants.

DMonitor usage by the tenants from the Statistics tab in the tenant Properties window.

Answer : B

Deep Security Manager records data about tenant usage. This information is displayed in the Ten-ant Protection Activity widget on the Dashboard, the Statistics tab in tenant Properties, and the Chargeback report.

This information can also be accessed through the Status Monitoring REST API which can be enabled or disabled from the Administration > Advanced > System Settings > Advanced > Status Monitoring API.

multi-tenancy

Explication: Study Guide - page (422)

Question 5

The "Protection Source when in Combined Mode" settings are configured for a virtual machine as in the exhibit. You would like to enable Application Control on this virtual machine, but there is no corresponding setting displayed. Why?

AIn the example displayed in the exhibit, no activation code was entered for Application Control. Since the Protection Module is not licensed, the corresponding settings are not displayed.

BThese settings are used when both an host-based agent and agentless protection are available for the virtual machine. Since Application Control is not supported in agentless installations, there is no need for the setting.

CIn the example displayed in the exhibit, the Application Control Protection Module has not yet been enabled. Once it is enabled for this virtual machine, the corresponding settings are displayed.

DIn the example displayed in the exhibit, the VMware Guest Introspection Service has not yet been installed. This service is required to enable Application Control in agentless installations.

Answer : B

Question 6

How does Smart Scan vary from conventional pattern-based anti-malware scanning?

ASmart Scan improves the capture rate for malware scanning by sending features of suspicious files to an cloud-based server where the features are compared to known malware samples.

BSmart Scan shifts much of the malware scanning functionality to an external Smart Protection Server.

CSmart Scan is performed in real time, where conventional scanning must be triggered manually, or run on a schedule.

DSmart Scan identifies files to be scanned based on the content of the file, not the exten-sion.

Answer : B

Advantages of the Smart Scan pattern over the conventional pattern protection in OfficeScan (OSCE)

Question 7

Multi-tenancy is enabled in Deep Security and new tenants are created. Where does the new tenant data get stored when using SQL Server as the Deep Security database?

AThe new tenant data is added to the existing SQL Server database.

BAn additional table is created for each new tenant in the existing database in the SQL Server database to store its data.

CAn additional database is created in SQL Server for each new tenant to store its data.

DAn additional user is created for each new tenant in the SQL Server database to store its data.

Answer : C

With Microsoft SQL and PostgreSQL, there's one main database and an additional database for each tenant. With Oracle, all tenant information is in one Deep Security Manager database, but an additional user is created for each tenant. Each user has its own tables.

Explication: Study Guide - page (409)

Trend Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Practice Test