New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Trend Micro Deep-Security-Professional Dumps Questions Answers

Trend Micro Certified Professional for Deep Security Exam Questions and Answers

Question 1

Recommendation scans can detect applications and/or vulnerabilities on servers on the network. Which of the following Protection Modules make use of Recommendation scans?

Options:

A.

Firewall, Application Control, and Integrity Monitoring

B.

Intrusion Prevention, Firewall, Integrity Monitoring and Log Inspection

C.

Log Inspection, Application Control, and Intrusion Prevention

D.

Intrusion Prevention, Integrity Monitoring, and Log Inspection

Buy Now
Question 2

Which of the following are valid methods for pre-approving software updates to prevent Ap-plication Control Events from being triggered by the execution of the modified software? Select all that apply.

Options:

A.

Once the inventory scan has run when Application Control is first enabled, there is no way to update the inventory to incorporate modified software.

B.

Software updates performed by a Trusted Updater will be automatically approved.

C.

Edit the inventory database file (AC.db) on the Agent computer to include the hash of the newly updated software. Save the change and restart the Deep Security Agent. The software updates will now be approved.

D.

Maintenance mode can be enabled while completing the updates.

Question 3

Which of the following statements is true regarding Event Tagging?

Options:

A.

Adding a tag to an Event modifies the Event data by adding fields, including the name of the tag, the date the tag was applied, and whether the tag was applied manually or automatically

B.

Only a single tag can be assigned to an Event.

C.

Events can be tagged automatically if they are similar to known good Events.

D.

Events can be automatically deleted based on tags.

Question 4

In the policy displayed in the exhibit, the state of the Web Reputation Protection Module is set to "Inherited (On)", while the state for the other Protection Module is set to "On". Why is the Web Reputation Protection Module displayed differently than the other Protection Modules.

Options:

A.

In this example, the state for the Web Reputation Protection Module is inherited from the parent policy, while the other Protection Modules were turned on specifically in this child policy.

B.

The state for a Protection Module is always displayed as "Inherited (On)" until the module components are installed on the Deep Security Agent.

C.

In this example, the state for the Web Reputation Protection Module is inherited from the parent policy, while the other Protection Modules were turned on at the computer level.

D.

In this example, the state for the Web Reputation Protection Module is listed as "In-herited (On)" as it was inherited from the default setting in the Base Policy.

Question 5

The Overrides settings for a computer are displayed in the exhibit. Which of the following statements is true regarding the displayed configuration?

Options:

A.

The Web Reputation and Application Control Protection Modules have been assigned a different policy that the other Protection Modules and as a result, are displayed with overrides.

B.

The configuration for the Protection Modules is inherited from the policy assigned to this computer, except for the configuration of the Web Reputation and Application Control Protection Modules which have been set at the computer level.

C.

The Protection Modules identified as Inherited in the exhibit have not yet been config-ured. Only the Web Reputation and Application Control Protection Modules have been configured.

D.

The Protection Modules identified as Inherited in the exhibit have not yet been enabled. Only the Web Reputation and Application Control Protection Modules have been enabled at this point.

Question 6

Which of the following statements is FALSE regarding Firewall rules using the Bypass action?

Options:

A.

Applying a Firewall rule using the Bypass action to traffic in one direction automatically applies the same action to traffic in the other direction.

B.

Firewall rules using the Bypass action do not generate log events.

C.

Firewall rules using the Bypass action allow incoming traffic to skip both Firewall and Intrusion Prevention analysis.

D.

Firewall rules using the Bypass action can be optimized, allowing traffic to flow as effi-ciently as if a Deep Security Agent was not there.

Question 7

Which of the following statements is true regarding the use of the Firewall Protection Module in Deep Security?

Options:

A.

The Firewall Protection Module can check files for certain characteristics such as compression and known exploit code.

B.

The Firewall Protection Module can identify suspicious byte sequences in packets.

C.

The Firewall Protection Module can detect and block Cross Site Scripting and SQL In-jection attacks.

D.

The Firewall Protection Module can prevent DoS attacks coming from multiple systems.

Question 8

The details for an event are displayed in the exhibit. Based on these details, which Protection Module generated the event?

Options:

A.

Firewall

B.

Intrusion Prevention

C.

Log Inspection

D.

Integrity Monitoring

Question 9

The Intrusion Prevention Protection Module is enabled and a Recommendation Scan is run to identify vulnerabilities on a Windows Server 2016 computer. How can you insure that the list of recommendations is always kept up to date?

Options:

A.

Disabling, then re-enabling the Intrusion Prevention Protection Module will trigger a new Recommendation Scan to be run. New rules will be included in the results of this new scan.

B.

Recommendation Scans are only able to suggest Intrusion Prevention rules when the Protection Module is initially enabled.

C.

Enable "Ongoing Scans" to run a recommendation scan on a regular basis. This will identify new Intrusion Prevention rules to be applied.

D.

New rules are configured to be automatically sent to Deep Security Agents when Rec-ommendation Scans are run.

Question 10

Which of the following statements is true regarding Deep Security Relays?

Options:

A.

Both 32-bit and 64-bit Deep Security Agents can be promoted to a Deep Security Relay.

B.

Deep Security Agents promoted to Deep Security Relays no longer provide the security capabilities enabled by the Protection Modules.

C.

Deep Security Relays are able to process Deep Security Agent requests during updates.

D.

Deep Security Agents communicate with Deep Security Relays to obtain security up-dates.

Question 11

Which of the following statements correctly describes Smart Folders?

Options:

A.

Smart Folders identify the folders that will be scanned when a Real-Time, Manual or Scheduled malware scan is run.

B.

Smart Folders are a collection of subfolders containing the policy settings that are ap-plied to child policies or directly to Computers.

C.

Smart Folders act as a saved search of computers which is executed each time the folder is clicked to display its contents.

D.

Smart Folders are the containers used to store the results of Recommendation Scans. Once a Recommendation Scan has completed, and administrator can click a Smart Folder and select which of the recommended rules to apply.

Question 12

Which of the following statements is true regarding the Log Inspection Protection Module?

Options:

A.

Deep Security Agents forward Log Inspection Event details to Deep Security Manager in real time.

B.

Log Inspection can only examine new Events and cannot examine logs entries created before the Protection Module was enabled.

C.

Log Inspection can only examine Deep Security log information.

D.

The Log Inspection Protection Module is supported in both Agent-based and Agentless implementations.