Trend Deep-Security-Professional Exam Questions - Real Practice Questions for Guaranteed Success

Question 1

A Recommendation Scan is run to determine which Intrusion Prevention rules are appropriate for a Server. The scan is configured to apply the suggested rules automatically and ongoing scans are enabled. Some time later, an operating system patch is applied. How can you de-termine which Intrusion Prevention rules are no longer needed on this Server?

AThe READ ME file provided with the software patch will indicate which issues were addressed with this release. Compare this list to the rules that are applied to determine which rules are no longer needed and can be disabled.

BSince the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be automatically unassigned. These are rules that are no longer needed as the vulnerability was corrected with the patch.

CSince there is no performance effect when multiple Intrusion Prevention rules are ap-plied, there is no need to determine which rules are no longer needed. The original rec-ommended rules can remain in place without affecting the system.

CSince the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be displayed on the Recommended for Unassignment tab in the IPS Rules. These are rules that are no longer needed and can be disabled as the vulnerability was corrected with the patch.

Correct : B

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

0 / 1500

Question 2

Which of the following correctly describes the Firewall rule Action of Force Allow?

AForce Allow permits traffic that would otherwise be denied by other Firewall rules to pass, but still enforces filtering by the Intrusion Prevention Protection Module.

BForce Allow permits traffic to bypass analysis by both the Firewall and Intrusion Pre-vention Protection Modules.

CForce Allow explicitly allows traffic that matches the Firewall rule to pass, and implicitly denies all other traffic.

DForce Allow permits traffic to bypass analysis by all Deep Security Protection Modules.

Correct : A

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

AForce Allow permits traffic that would otherwise be denied by other Firewall rules to pass, but still enforces filtering by the Intrusion Prevention Protection Module.

BForce Allow permits traffic to bypass analysis by both the Firewall and Intrusion Pre-vention Protection Modules.

CForce Allow explicitly allows traffic that matches the Firewall rule to pass, and implicitly denies all other traffic.

DForce Allow permits traffic to bypass analysis by all Deep Security Protection Modules.

0 / 1500

Question 3

How can you prevent a file from being scanned for malware?

AEnable 'File Types scanned by IntelliScan' in the Malware Scan Configuration prop-erties in the Deep Security Manager Web console. Click 'Scan All Except' and type the filename to exclude from the scan.

BEdit the 'Scan Exclusions' section of the dsa.properties configuration file on the Deep Security Agent computer to include the file name. Save the configuration file and restart the Deep Security Agent service.

CAdd the file to the Exclusions list in the Malware Scan Configuration.

DAdd the file to the Exclusions list in the 'Allowed Spyware/Grayware Configuration'.

Correct : C

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

CAdd the file to the Exclusions list in the Malware Scan Configuration.

DAdd the file to the Exclusions list in the 'Allowed Spyware/Grayware Configuration'.

0 / 1500

Question 4

Which of the following correctly identifies the order of the steps used by the Web Reputation Protection Module to determine if access to a web site should be allowed?

AChecks the cache. 2. Checks the Deny list. 3. Checks the Approved list. 4. If not found in any of the above, retrieves the credibility score from Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

BChecks the cache. 2. Checks the Approved list. 3. Checks the Deny list. 4. If not found in any of the above, retrieves the credibility score from the Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

CChecks the Deny list. 2. Checks the Approved list. 3. Checks the cache. 4. If not found in any of the above, retrieves the credibility score from Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

DChecks the Approved list. 2. Checks the Deny list. 3. Checks the cache. 4. If not found in any of the above, retrieves the credibility score from the Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

Correct : D

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

0 / 1500

Question 5

While viewing the details of the Firewall Protection Module, as displayed in the exhibit, you note that a few rules have already been assigned. You try to disable these rules, but they can not be unassigned. Why can the displayed rules not be unassigned?

AThe rules displayed in the exhibit have been hard-coded with the details of the policy. These rules will automatically be assigned to all Firewall policies that are created and can not be unassigned.

BThe rules displayed in the exhibit have been assigned to the policy at the parent level. Rules assigned to a parent policy can not be unassigned at the child level.

CThe rules displayed in the exhibit were assigned to the policy automatically when a Recommendation Scan was run. Rules assigned through a Recommendation Scan can not be disabled once assigned.

DThe rules displayed in the exhibit can not be unassigned as the administrator currently logged into the Deep Security Manager Web console does not have the permissions necessary to unassign rules.

Correct : B

Options Selected by Other Users:

Mark Question:

Start a Discussions

Submit Your Answer:

BThe rules displayed in the exhibit have been assigned to the policy at the parent level. Rules assigned to a parent policy can not be unassigned at the child level.

CThe rules displayed in the exhibit were assigned to the policy automatically when a Recommendation Scan was run. Rules assigned through a Recommendation Scan can not be disabled once assigned.

DThe rules displayed in the exhibit can not be unassigned as the administrator currently logged into the Deep Security Manager Web console does not have the permissions necessary to unassign rules.

0 / 1500

Master Trend Deep-Security-Professional Exam with Reliable Practice Questions

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users:

Options Selected by Other Users: