Download Trend Micro Deep Security Professional Exam Questions

test2022-10-26T03:49:32+00:00

You can download the latest Trend Micro Deep Security Professional Exam Questions for best prepare for your Trend Micro Certified Professional for Deep Security Exam. Participants will learn how to use Trend Micro Deep Security for advanced hybrid-cloud security on physical, virtual, and cloud-based servers. After studying FreeTestShare Trend Micro Deep Security Professional Exam Questions, then you will be confident to perform well in the final Trend Micro Certified Professional for Deep Security Exam.

Check free Deep Security Professional practice exam.

Page 1 of 2

1. Which of the following statements is true regarding Deep Security Manager-todatabase com-munication?

Deep Security Manager-to-database traffic is not encrypted by default, but can be en-abled by modifying settings in the ssl.properties file.

Deep Security Manager-to-database traffic is encrypted by default, but can be disabled by modifying settings in the dsm.properties file.

Deep Security Manager-to-database traffic is encrypted by default but can be disabled by modifying settings in the db.properties file.

Deep Security Manager-to-database traffic is not encrypted by default, but can be en-abled by modifying settings in the dsm.properties file.

2. Your organization would like to implement a mechanism to alert administrators when files on a protected servers are modified or tampered with.

Which Deep Security Protection Module should you enable to provide this functionality?

The Integrity Monitoring Protection Module

The File Inspection Protection Module

Deep Security can not provide this type of functionality

The Intrusion Prevention Protection Module

3. When viewing the details for a policy, as displayed in the exhibit, you notice that the Application Control Protection Module is not available.

In this example, why would this Protection Modules not be available?

The Application Control Protection Module has been disabled at the Base Policy level and is not displayed in the details for child policies.

The Application Control Protection Module is only supported on Linux computers, the policy details displayed are for Windows computers only.

An Activation Code for the Application Control Protection Module has not been pro-vided. Unlicensed Protection Modules will not be displayed.

The Application Control Protection Modules has not been enabled for this tenant.

4. The Overrides settings for a computer are displayed in the exhibit.

Which of the following statements is true regarding the displayed configuration?

The Web Reputation and Application Control Protection Modules have been assigned a different policy that the other Protection Modules and as a result, are displayed with overrides.

The configuration for the Protection Modules is inherited from the policy assigned to this computer, except for the configuration of the Web Reputation and Application Control Protection Modules which have been set at the computer level.

The Protection Modules identified as Inherited in the exhibit have not yet been config-ured. Only the Web Reputation and Application Control Protection Modules have been configured.

The Protection Modules identified as Inherited in the exhibit have not yet been enabled. Only the Web Reputation and Application Control Protection Modules have been enabled at this point.

5. Which of the following is not an operation that is performed when network traffic is intercepted by the network driver on the Deep Security Agent?

Analyze the packet within the context of traffic history and connection state.

Compare the data in the packet against the Anti-Malware Scan Configuration to verify whether any of the data related to files and folders on the Exclusion list.

Verify the integrity of the packet to insure the packet is suitable for analysis.

Verify the packet is not part of a reconnaissance scan used to discover weaknesses on the Deep Security Agent host computer.

6. Based on the script displayed in the exhibit, which of the following statements are correct? Select all that apply.

Deep Security Agents deployed using this script will be activated against Tenant 0 in a multi-tenant environment.

This script will deploy the Deep Security Agent on a server, but will not automatically activate it.

Deep Security Agents deployed using this script are activated against a specific tenant.

Deep Security Agents deployed using this script will be assigned a specific policy when activated.

7. 1.How does Smart Scan vary from conventional pattern-based anti-malware scanning?

Smart Scan improves the capture rate for malware scanning by sending features of suspicious files to an cloud-based server where the features are compared to known malware samples.

Smart Scan shifts much of the malware scanning functionality to an external Smart Protection Server.

Smart Scan is performed in real time, where conventional scanning must be triggered manually, or run on a schedule.

Smart Scan identifies files to be scanned based on the content of the file, not the exten-sion.

8. Policies in Deep Security can include a Context value.

Which of the following statements re-garding Context is correct?

The Context provides Deep Security Agents with location awareness and are associated with Anti-Malware and Web Reputation Rules.

The Context provides Deep Security Agents with location awareness and are associated with Firewall and Intrusion Prevention Rules.

The Context provides Deep Security Agents with location awareness and are associated with Web Reputation Rules only.

The Context provides Deep Security Agents with location awareness and are associated with Log Inspection and Integrity Monitoring Rules.

9. The details for an event are displayed in the exhibit. Based on these details, which Protection Module generated the event?

Integrity Monitoring

Firewall

Web Reputation

Intrusion Prevention

10. The maximum disk space limit for the Identified Files folder is reached.

What is the expected Deep Security Agent behavior in this scenario?

Any existing files are in the folder are compressed and forwarded to Deep Security Manager to free up disk space.

Deep Security Agents will delete any files that have been in the folder for more than 60 days.

Files will no longer be able to be quarantined. Any new files due to be quarantined will be deleted instead.

Deep Security Agents will delete the oldest files in this folder until 20% of the allocated space is available.

Page 2 of 2

11. Which of the following statements is true regarding Deep Security Relays?

Both 32-bit and 64-bit Deep Security Agents can be promoted to a Deep Security Relay.

Deep Security Agents promoted to Deep Security Relays no longer provide the security capabilities enabled by the Protection Modules.

Deep Security Relays are able to process Deep Security Agent requests during updates.

Deep Security Agents communicate with Deep Security Relays to obtain security up-dates.

12. Your VMware environment is configured without using NSX.

How can Deep Security provide protection to the virtual images hosted on your ESXi servers?

Without NSX, a Deep Security Agent must be installed on each virtual machine hosted on the ESXi server.

Without NSX, you will be unable to use Deep Security to protect your virtual machines.

You can install a Deep Security Virtual Appliance on the ESXi server. This will provide agentless support for Anti-Malware, Intrusion Prevention, Integrity Monitoring, Firewall and Web Reputation.

Without NSX, you can only enable Anti-Malware and Integrity Monitoring protection on the virtual machines. NSX is required to support Intrusion Prevention, Firewall and Web Reputation

13. Which of following statements best describes Machine Learning in Deep Security?

Machine Learning is malware detection technique in which features of an executable file are compared against a cloud-based learning model to determine the probability of the file being malware.

Machine Learning is a malware detection technique in which files are scanned based on the true file type as determined by the file content, not the extension.

Machine Learning is a malware detection technique in which the Deep Security Agent monitors process memory in real time and once a process is deemed to be suspicious, Deep Security will perform additional checks with the Smart Protection Network to determine if this is a known good process.

Machine Learning is malware detection technique in which processes on the protected computer are monitored for actions that are not typically performed by a given process.

14. In the policy displayed in the exhibit, the state of the Web Reputation Protection Module is set to "Inherited (On)", while the state for the other Protection Module is set to "On".

Why is the Web Reputation Protection Module displayed differently than the other Protection Modules?

In this example, the state for the Web Reputation Protection Module is inherited from the parent policy, while the other Protection Modules were turned on specifically in this child policy.

The state for a Protection Module is always displayed as "Inherited (On)" until the module components are installed on the Deep Security Agent.

In this example, the state for the Web Reputation Protection Module is inherited from the parent policy, while the other Protection Modules were turned on at the computer level.

In this example, the state for the Web Reputation Protection Module is listed as "In-herited (On)" as it was inherited from the default setting in the Base Policy.

15. Based on the Malware Scan Configuration displayed in the exhibit, which of the following statements is false.

Any document files that display suspicious behavior will be submitted and executed in a sandbox environment on a Deep Discover Analyzer device.

Deep Security Agents using this Malware Scan Configuration will not monitor for compromised Windows processes.

Deep Security Agents will only be able to identify malware in files by using patterns downloaded from the Smart Protection Network.

Internet access is required to properly enable the features identified in this configuration.

16. The Security Level for Web Reputation in a policy is set to High. A server assigned this policy attempts to access a Web site with a credibility score of 78.

What is the result?

The Deep Security Agent allows access to the Web site, and logs the connection attempt as an Event.

The Deep Security Agent allows access as the credibility score for the Web site is above the allowed threshold.

The Deep Security Agent blocks access as the credibility score for the Web site is below the allowed threshold. An error page is displayed in the Web browser.

The Deep Security Agent displays a warning message as the site is unrated.

17. Which of the following Firewall rule actions will allow data packets to pass through the Firewall Protection Module without being subjected to analysis by the Intrusion Prevention Protection Module?

Deny

Bypass

Allow

Force Allow

18. Which Deep Security Protection Modules can be used to provide runtime protection for the Kubernetes and Docker platforms? Select all that apply.

Intrusion Prevention

Log Inspection

Integrity Monitoring

Anti-Malware

19. Which of the following VMware components is not required to enable agentless protection using Deep Security.

VMware NSX

VMware ESXi

VMware vRealize

VMware vCenter

20. What is the role of Apex Central in the Connected Threat Defense infrastructure?

Apex Central distributes Deep Security policies to Agents on the protected Servers.

Apex Central submits suspicious files to Deep Discovery Analyzer for further analysis.

Apex Central stores suspicious files that are awaiting submission to the Deep Discovery Analyzer.

Apex Central compiles the Suspicious Objects List based on the result of file analysis in Deep Discovery Analyzer.