Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Trend Micro Deep-Security-Professional - Trend Micro Certified Professional for Deep Security Exam

Trend Micro Deep-Security-Professional Premium Access     Download Demo    
Page: 1 / 3
Total 80 questions

Which of the following statements is false regarding the Log Inspection Protection Module?

A.

Custom Log Inspections rules can be created using the Open Source Security (OSSEC) standard.

B.

Deep Security Manager collects Log Inspection Events from Deep Security Agents at every heartbeat.

C.

The Log Inspection Protection Module is supported in both agent-based and agentless environments.

D.

Scan for Recommendations identifies Log Inspection rules that Deep Security should implement.

The maximum disk space limit for the Identified Files folder is reached. What is the expected Deep Security Agent behavior in this scenario?

A.

Any existing files are in the folder are compressed and forwarded to Deep Security Manager to free up disk space.

B.

Deep Security Agents will delete any files that have been in the folder for more than 60 days.

C.

Files will no longer be able to be quarantined. Any new files due to be quarantined will be deleted instead.

D.

Deep Security Agents will delete the oldest files in this folder until 20% of the allocated space is available.

The Firewall Protection Module is enabled on a server through the computer details. What is default behavior of the Firewall if no rules are yet applied?

A.

All traffic is permitted through the firewall until either a Deny or Allow rule is assigned.

B.

A collection of default rules will automatically be assigned when the Firewall Protection Module is enabled.

C.

All traffic is blocked by the firewall until an Allow rule is assigned.

D.

All traffic is passed through the Firewall using a Bypass rule

Which of the following statements is true regarding Intrusion Prevention protection?

A.

Intrusion Prevention protection can drop malicious packets but cannot reset the con-nection.

B.

Intrusion Prevention protection only works in conjunction with the Anti-Malware Pro-tection Module.

C.

Intrusion Prevention protection can only work on computers where a Deep Security Agent is installed; agentless protection is not supported.

D.

Intrusion Prevention protection can drop or reset a connection.

Your organization stores PDF and Microsoft Office files within the SAP Netweaver platform and requires these documents to be scanned for malware. Which Deep Security component is required to satisfy this requirement?

A.

The Netweaver plug-in must be installed on the Deep Security Agent.

B.

A Smart Protection Server must be installed and configured to service the SAP Netweaver platform

C.

No extra components are required, this can be done by enabling the AntiMalware Pro-tection Module on the SAP Netweaver server.

D.

Deep Security Scanner is required.

An administrator attempts to activate the Deep Security Agent installed on a server by typing the following command in the Command Prompt on the Deep Security Agent computer:

dsa_control -a dsm://server1.acme.com:4120

The Agent does not activate as expected. What is a valid reason for this issue?

A.

The incorrect port was used. The correct command would be: dsa_control -a dsm://server1.acme.com:4118

B.

Deep Security Agents can not be activated through the Command Prompt. They must be activated through the Deep Security Manager Web console or through a deployment script.

C.

The command listed can only executed from the Command Prompt on the Deep Security Manager computer.

D.

"Allow Agent-Initiated Activation" is currently not enabled in Deep Security Manager.

Where does Deep Security Manager store the credentials it uses to access the database?

A.

In the logging.properties file

B.

In the dsm.properties file

C.

In the Windows Registry

D.

In the database.properties file

Which of the following operations makes use of the Intrusion Prevention Protection Module?

A.

Integrity scans

B.

Port scans

C.

Application traffic control

D.

Stateful traffic analysis

Which of the following VMware components is not required to enable agentless protection using Deep Security.

A.

VMware NSX

B.

VMware ESXi

C.

VMware vRealize

D.

VMware vCenter

Multiple Application Control Events are being displayed in Deep Security after a series of ap-plication updates and the administrator would like to reset Application Control. How can this be done?

A.

On the Deep Security Agent computer, type the following command to reset Application Control: dsa_control -r

B.

Click "Clear All" on the Actions tab in the Deep Security Manager Web console to reset the list of Application Control events.

C.

Application Control can be reset by disabling the Protection Module, then enabling it once again. This will cause local rulesets to be rebuilt.

D.

Application Control can not be reset.