Trend Deep-Security-Professional Exam Practice Test Instant Access

Question 1

Recommendation scans can detect applications and/or vulnerabilities on servers on the network. Which of the following Protection Modules make use of Recommendation scans?

AFirewall, Application Control, and Integrity Monitoring

BIntrusion Prevention, Firewall, Integrity Monitoring and Log Inspection

CLog Inspection, Application Control, and Intrusion Prevention

DIntrusion Prevention, Integrity Monitoring, and Log Inspection

Answer : D

Recommendation Scans can suggest rules for the following Protection Modules:

* Intrusion Prevention

* Integrity Monitoring

* Log Inspection

Explication: Study Guide - page (161)

Question 2

Which of the following operations makes use of the Intrusion Prevention Protection Module?

AIntegrity scans

BPort scans

CApplication traffic control

DStateful traffic analysis

Answer : D

Question 3

Which of the following VMware components is not required to enable agentless protection using Deep Security.

AVMware NSX

BVMware ESXi

CVMware vRealize

DVMware vCenter

Answer : C

Integrate with VMware vRealize Operations Manager

Question 4

What is the purpose of the Deep Security Notifier?

AThe Deep Security Notifier is a application in the Windows System Tray that displays the Status of Deep Security Manager during policy and software updates.

BThe Deep Security Notifier is a server components that collects log entries from man-aged computers for delivery to a configured SIEM device.

CThe Deep Security Notifier is a server component used in agentless configurations to allow Deep Security Manager to notify managed computers of pending updates.

DThe Deep Security Notifier is a application in the Windows System Tray that com-municates the state of Deep Security Agents and Relays to endpoint computers.

Answer : D

The Deep Security Notifier is a Windows System Tray application which provides local notification when malware is detected or malicious URLs are blocked.

It may be installed separately on protected virtual machines, however the Anti-Malware Protection Module must be licensed and enabled on the virtual machine for the Deep Security Notifier to display information.

The Notifier displays pop-up user notifications when the Anti-Malware module begins a scan, or blocks malware or access to malicious web pages. The Notifier also provides a console utility that allows the user to view events.

Explication: Study Guide - page (442)

Question 5

Which of the following is not an operation that is performed when network traffic is intercepted by the network driver on the Deep Security Agent?

AAnalyze the packet within the context of traffic history and connection state.

BCompare the data in the packet against the Anti-Malware Scan Configuration to verify whether any of the data related to files and folders on the Exclusion list.

CVerify the integrity of the packet to insure the packet is suitable for analysis.

DVerify the packet is not part of a reconnaissance scan used to discover weaknesses on the Deep Security Agent host computer.

Answer : B

Question 6

What is the purpose of the override.properties file?

AThis file is used to transfer policy settings from one installation of Deep Security Man-ager to another

BThis file allows properties to be tested on Deep Security Manager without affecting the original configuration.

CThis file contains the original out-of-the-box configuration properties for Deep Security Manager. This file is renamed to dsm.properties upon initialization of Deep Security Manager.

DThis file allows Deep Security Agents to override enforced behavior by providing new policy configuration details.

Answer : B

The properties specified in this configuration file override the properties specified in the dsm.properties file. This file can be created manually by a support engineer to modify product be-havior without affecting the original configuration.

Explication: Study Guide - page (42)

Question 7

Which of the following Firewall rule actions will allow data packets to pass through the Firewall Protection Module without being subjected to analysis by the Intrusion Prevention Protection Module?

ADeny

BBypass

CAllow

DForce Allow

Answer : B

Trend Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Practice Test