Trend Deep-Security-Professional Exam Practice Test Instant Access

Question 1

The Overrides settings for a computer are displayed in the exhibit. Which of the following statements is true regarding the displayed configuration?

AThe Web Reputation and Application Control Protection Modules have been assigned a different policy that the other Protection Modules and as a result, are displayed with overrides.

BThe configuration for the Protection Modules is inherited from the policy assigned to this computer, except for the configuration of the Web Reputation and Application Control Protection Modules which have been set at the computer level.

CThe Protection Modules identified as Inherited in the exhibit have not yet been config-ured. Only the Web Reputation and Application Control Protection Modules have been configured.

DThe Protection Modules identified as Inherited in the exhibit have not yet been enabled. Only the Web Reputation and Application Control Protection Modules have been enabled at this point.

Answer : C

Question 2

Which of the following are valid methods for pre-approving software updates to prevent Ap-plication Control Events from being triggered by the execution of the modified software? Select all that apply.

AOnce the inventory scan has run when Application Control is first enabled, there is no way to update the inventory to incorporate modified software.

BSoftware updates performed by a Trusted Updater will be automatically approved.

CEdit the inventory database file (AC.db) on the Agent computer to include the hash of the newly updated software. Save the change and restart the Deep Security Agent. The software updates will now be approved.

DMaintenance mode can be enabled while completing the updates.

Answer : B, D

Normally, you will want Application Control to alert you when there are any unexpected software updates. However, some updates are expected and you will need provide allowances for these up-dates. Two methods for pre-approving software updates includes maintenance mode and trusted installers.

Explication: Study Guide - page (303-304)

Question 3

Multi-tenancy is enabled in Deep Security and new tenants are created. Where does the new tenant data get stored when using SQL Server as the Deep Security database?

AThe new tenant data is added to the existing SQL Server database.

BAn additional table is created for each new tenant in the existing database in the SQL Server database to store its data.

CAn additional database is created in SQL Server for each new tenant to store its data.

DAn additional user is created for each new tenant in the SQL Server database to store its data.

Answer : C

With Microsoft SQL and PostgreSQL, there's one main database and an additional database for each tenant. With Oracle, all tenant information is in one Deep Security Manager database, but an additional user is created for each tenant. Each user has its own tables.

Explication: Study Guide - page (409)

Question 4

The Intrusion Prevention Protection Module is enabled, its Behavior is set to Prevent and rules are assigned. When viewing the events, you notice that one of Intrusion Prevention rules is being triggered and an event is being logged but the traffic is not being blocked. What is a possible reason for this?

AThe Deep Security Agent is experiencing a system problem and is not processing packets since the 'Network Engine System Failure' mode is set to 'Fail Open'.

BThe network engine is running in Inline mode. In Inline mode, Deep Security provides no protection beyond a record of events.

CThe Intrusion Prevention rule is being triggered as a result of the packet sanity check failing and the packet is being allowed to pass.

DThe default Prevention Behavior in this particular rule may be set to Detect. This logs the triggering of the rule, but does not actually enforce the block.

Answer : D

Question 5

What is the purpose of the override.properties file?

AThis file is used to transfer policy settings from one installation of Deep Security Man-ager to another

BThis file allows properties to be tested on Deep Security Manager without affecting the original configuration.

CThis file contains the original out-of-the-box configuration properties for Deep Security Manager. This file is renamed to dsm.properties upon initialization of Deep Security Manager.

DThis file allows Deep Security Agents to override enforced behavior by providing new policy configuration details.

Answer : B

The properties specified in this configuration file override the properties specified in the dsm.properties file. This file can be created manually by a support engineer to modify product be-havior without affecting the original configuration.

Explication: Study Guide - page (42)

Question 6

What is the effect of the Firewall rule displayed in the following exhibit?

AThis rule will allow incoming TCP and UPD communication to this server.

BThis rule will allow outgoing TCP and UPD communication from this server.

CThis rule will allow TCP and UPD replies to requests originating on this server.

DThis rule will allow incoming communication to this server, but not TCP and UPD.

Answer : A

Question 7

Which of the following statements is true regarding Deep Security Relays?

ABoth 32-bit and 64-bit Deep Security Agents can be promoted to a Deep Security Relay.

BDeep Security Agents promoted to Deep Security Relays no longer provide the security capabilities enabled by the Protection Modules.

CDeep Security Relays are able to process Deep Security Agent requests during updates.

DDeep Security Agents communicate with Deep Security Relays to obtain security up-dates.

Answer : D

Trend Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Practice Test