Question No. 1

The Firewall Protection Module is enabled on a server through the computer details. What is default behavior of the Firewall if no rules are yet applied?

AAll traffic is permitted through the firewall until either a Deny or Allow rule is assigned.

BA collection of default rules will automatically be assigned when the Firewall Protection Module is enabled.

CAll traffic is blocked by the firewall until an Allow rule is assigned.

DAll traffic is passed through the Firewall using a Bypass rule

Show Answer

Correct Answer: B

Deep Security provides a set of Firewall rules that can be applied to policies or directly to a com-puter.

These default rules provide coverage for typical scenarios.

Set up the Deep Security firewall

Explication: Study Guide - page (219)

Question No. 2

Which of the following statements is true regarding Deep Security Relays?

ABoth 32-bit and 64-bit Deep Security Agents can be promoted to a Deep Security Relay.

BDeep Security Agents promoted to Deep Security Relays no longer provide the security capabilities enabled by the Protection Modules.

CDeep Security Relays are able to process Deep Security Agent requests during updates.

DDeep Security Agents communicate with Deep Security Relays to obtain security up-dates.

Show Answer

Correct Answer: D

Question No. 3

The Intrusion Prevention Protection Module is enabled, its Behavior is set to Prevent and rules are assigned. When viewing the events, you notice that one of Intrusion Prevention rules is being triggered and an event is being logged but the traffic is not being blocked. What is a possible reason for this?

AThe Deep Security Agent is experiencing a system problem and is not processing packets since the 'Network Engine System Failure' mode is set to 'Fail Open'.

BThe network engine is running in Inline mode. In Inline mode, Deep Security provides no protection beyond a record of events.

CThe Intrusion Prevention rule is being triggered as a result of the packet sanity check failing and the packet is being allowed to pass.

DThe default Prevention Behavior in this particular rule may be set to Detect. This logs the triggering of the rule, but does not actually enforce the block.

Show Answer

Correct Answer: D

Question No. 4

Which of the following statements is true regarding Event Tagging?

AAdding a tag to an Event modifies the Event data by adding fields, including the name of the tag, the date the tag was applied, and whether the tag was applied manually or automatically

BOnly a single tag can be assigned to an Event.

CEvents can be tagged automatically if they are similar to known good Events.

DEvents can be automatically deleted based on tags.

Show Answer

Correct Answer: C

Question No. 5

As the administrator in a multi-tenant environment, you would like to monitor the usage of security services by tenants? Which of the following are valid methods for monitoring the usage of the system by the tenants?

AGenerate a Chargeback report in Deep Security manager Web console.

BAll the choices listed here are valid.

CUse the Representational State Transfer (REST) API to collect usage data from the tenants.

DMonitor usage by the tenants from the Statistics tab in the tenant Properties window.

Show Answer

Correct Answer: B

Deep Security Manager records data about tenant usage. This information is displayed in the Ten-ant Protection Activity widget on the Dashboard, the Statistics tab in tenant Properties, and the Chargeback report.

This information can also be accessed through the Status Monitoring REST API which can be enabled or disabled from the Administration > Advanced > System Settings > Advanced > Status Monitoring API.

multi-tenancy

Explication: Study Guide - page (422)

Free Trend Deep-Security-Professional Exam Actual Questions

The questions for Deep-Security-Professional were last updated On Dec 18, 2024