Trend Deep-Security-Professional Exam Practice Test Instant Access

Question 1

Which of the following file types would not be evaluated by the Application Control Protection Module?

A.py scripts

B.exe files

C.class files

D.docx files

Answer : D

Question 2

What is the purpose of the Deep Security Notifier?

AThe Deep Security Notifier is a application in the Windows System Tray that displays the Status of Deep Security Manager during policy and software updates.

BThe Deep Security Notifier is a server components that collects log entries from man-aged computers for delivery to a configured SIEM device.

CThe Deep Security Notifier is a server component used in agentless configurations to allow Deep Security Manager to notify managed computers of pending updates.

DThe Deep Security Notifier is a application in the Windows System Tray that com-municates the state of Deep Security Agents and Relays to endpoint computers.

Answer : D

The Deep Security Notifier is a Windows System Tray application which provides local notification when malware is detected or malicious URLs are blocked.

It may be installed separately on protected virtual machines, however the Anti-Malware Protection Module must be licensed and enabled on the virtual machine for the Deep Security Notifier to display information.

The Notifier displays pop-up user notifications when the Anti-Malware module begins a scan, or blocks malware or access to malicious web pages. The Notifier also provides a console utility that allows the user to view events.

Explication: Study Guide - page (442)

Question 3

What is IntelliScan?

AIntelliScan is a method of identifying which files are subject to malware scanning as determined from the file content. It uses the file header to verify the true file type.

BIntelliScan is a mechanism that improves scanning performance. It recognizes files that have already been scanned based on a digital fingerprint of the file.

CIntelliScan reduces the risk of viruses entering your network by blocking real-time compressed executable files and pairs them with other characteristics to improve mal-ware catch rates.

DIntelliScan is a malware scanning method that monitors process memory in real time. It can identify known malicious processes and terminate them.

Answer : A

Question 4

The Intrusion Prevention Protection Module is enabled, but the traffic it is trying to analyze is encrypted through https. How is it possible for the Intrusion Prevention Protection Module to monitor this encrypted traffic against the assigned rules?

AIt is possible to monitor the https traffic by creating an SSL Configuration. Creating a new SSL Configuration will make the key information needed to decrypt the traffic available to the Deep Security Agent.

BThe Intrusion Prevention Protection Module is not able to analyze encrypted https traffic.

CThe Intrusion Prevention Protection Module can only analyze https traffic originating from other servers hosting a Deep Security Agent.

DThe Intrusion Prevention Protection Module can analyze https traffic if the public cer-tificate of the originating server is imported into the certificate store on the Deep Secu-rity Agent computer.

Answer : A

inrusion-prevention-ssl-traffic

Question 5

Recommendation scans can detect applications and/or vulnerabilities on servers on the network. Which of the following Protection Modules make use of Recommendation scans?

AFirewall, Application Control, and Integrity Monitoring

BIntrusion Prevention, Firewall, Integrity Monitoring and Log Inspection

CLog Inspection, Application Control, and Intrusion Prevention

DIntrusion Prevention, Integrity Monitoring, and Log Inspection

Answer : D

Recommendation Scans can suggest rules for the following Protection Modules:

* Intrusion Prevention

* Integrity Monitoring

* Log Inspection

Explication: Study Guide - page (161)

Question 6

Which of the following operations makes use of the Intrusion Prevention Protection Module?

AIntegrity scans

BPort scans

CApplication traffic control

DStateful traffic analysis

Answer : D

Question 7

Which of the following is NOT an operation that can be performed on Deep Security resources using the API?

AGET

BPUT

CVIEW

DPOST

Answer : C

Rest API

Trend Micro Certified Professional for Deep Security Deep-Security-Professional Exam Practice Test