Question No. 1

A Recommendation Scan is run to determine which Intrusion Prevention rules are appropriate for a Server. The scan is configured to apply the suggested rules automatically and ongoing scans are enabled. Some time later, an operating system patch is applied. How can you de-termine which Intrusion Prevention rules are no longer needed on this Server?

AThe READ ME file provided with the software patch will indicate which issues were addressed with this release. Compare this list to the rules that are applied to determine which rules are no longer needed and can be disabled.

BSince the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be automatically unassigned. These are rules that are no longer needed as the vulnerability was corrected with the patch.

CSince there is no performance effect when multiple Intrusion Prevention rules are ap-plied, there is no need to determine which rules are no longer needed. The original rec-ommended rules can remain in place without affecting the system.

CSince the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be displayed on the Recommended for Unassignment tab in the IPS Rules. These are rules that are no longer needed and can be disabled as the vulnerability was corrected with the patch.

Show Answer

Correct Answer: B

Question No. 2

What is the purpose of the Deep Security Relay?

ADeep Security Relays distribute load to the Deep Security Manager nodes in a high-availability implementation.

BDeep Security Relays forward policy details to Deep Security Agents and Virtual Ap-pliances immediately after changes to the policy are applied.

CDeep Security Relays maintain the caches of policies applied to Deep Security Agents on protected computers to improve performance.

DDeep Security Relays are responsible for retrieving security and software updates and distributing them to Deep Security Manager, Agents and Virtual Appliances.

Show Answer

Correct Answer: D

Question No. 3

How does Smart Scan vary from conventional pattern-based anti-malware scanning?

ASmart Scan improves the capture rate for malware scanning by sending features of suspicious files to an cloud-based server where the features are compared to known malware samples.

BSmart Scan shifts much of the malware scanning functionality to an external Smart Protection Server.

CSmart Scan is performed in real time, where conventional scanning must be triggered manually, or run on a schedule.

DSmart Scan identifies files to be scanned based on the content of the file, not the exten-sion.

Show Answer

Correct Answer: B

Advantages of the Smart Scan pattern over the conventional pattern protection in OfficeScan (OSCE)

Question No. 4

Which of the following statements is true regarding Deep Security Manager-todatabase com-munication?

ADeep Security Manager-to-database traffic is not encrypted by default, but can be en-abled by modifying settings in the ssl.properties file.

BDeep Security Manager-to-database traffic is encrypted by default, but can be disabled by modifying settings in the dsm.properties file.

CDeep Security Manager-to-database traffic is encrypted by default but can be disabled by modifying settings in the db.properties file.

DDeep Security Manager-to-database traffic is not encrypted by default, but can be en-abled by modifying settings in the dsm.properties file.

Show Answer

Correct Answer: D

Question No. 5

Which of the following are valid methods for pre-approving software updates to prevent Ap-plication Control Events from being triggered by the execution of the modified software? Select all that apply.

AOnce the inventory scan has run when Application Control is first enabled, there is no way to update the inventory to incorporate modified software.

BSoftware updates performed by a Trusted Updater will be automatically approved.

CEdit the inventory database file (AC.db) on the Agent computer to include the hash of the newly updated software. Save the change and restart the Deep Security Agent. The software updates will now be approved.

DMaintenance mode can be enabled while completing the updates.

Show Answer

Correct Answer: B, D

Normally, you will want Application Control to alert you when there are any unexpected software updates. However, some updates are expected and you will need provide allowances for these up-dates. Two methods for pre-approving software updates includes maintenance mode and trusted installers.

Explication: Study Guide - page (303-304)

Free Trend Deep-Security-Professional Exam Actual Questions

The questions for Deep-Security-Professional were last updated On Jan 16, 2025