100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Deep Security 12 Certified Professional | Exam $7.99   Add to cart

Exam (elaborations)

Deep Security 12 Certified Professional | Exam

 1 view  0 purchase
  • Course
  • Institution

Deep Security 12 Certified Professional | Exam QUESTIONS: 50 | ATTEMPTS: 3 Which Protection Modules can make use of a locally installed Smart Protection Server? The Anti-Malware and Web Reputation Protection Modules can make use of the locally installed Smart Protection Server. Anti-Malware...

[Show more]

Preview 3 out of 19  pages

  • February 15, 2023
  • 19
  • 2022/2023
  • Exam (elaborations)
  • Questions & answers
avatar-seller
12/12/2019 https://success.trendmicro.com/LMS/apex/lmsilt__quiz?Id=a9C4P000000kG9sUAE&TLID=a9P4P000000lk22UAA&…


Deep Security 12 Certified Professional | Exam
QUESTIONS: 50 | ATTEMPTS: 3
00:21:42


1 Which Protection Modules can make use of a locally installed Smart
Protection Server?

The Anti-Malware and Web Reputation Protection Modules can
make use of the locally installed Smart Protection Server.
Anti-Malware is the only Protection Modules that can use the locally
installed Smart Protection Server.

The Anti-Malware, Web Reputation and Intrusion Prevention
Protection Modules can make use of the locally installed Smart
Protection Server.

All Protection Modules can make use of the locally installed Smart
Protection Server.




2 New servers are added to the Computers list in Deep Security Manager
Web config by running a Discover operation. What behavior can you
expect for newly discovered computers?

Any servers within the IP address range that are hosting Deep
Security Agents will be added to the Computers list and will be
automatically activated.
Any servers within the IP address range will be added to the
Computers list, regardless of whether they are hosting a Deep Security
Agent or not.
Any servers discovered in the selected Active Directory branch
hosting a Deep Security Agent will be added to the Computers list.
Any servers within the IP address range hosting a Deep Security
Agent will be added to the Computers list.




3 Based on the details of event displayed in the exhibit, which of the
following statements is false?




https://success.trendmicro.com/LMS/apex/lmsilt__quiz?Id=a9C4P000000kG9sUAE&TLID=a9P4P000000lk22UAA&ue=ue&Type… 1/19

,12/12/2019 https://success.trendmicro.com/LMS/apex/lmsilt__quiz?Id=a9C4P000000kG9sUAE&TLID=a9P4P000000lk22UAA&…




The scan may be generated from an IP address which may be
known to you. If so, the source IP address can be added to the
reconnaissance whitelist.

You can instruct the Deep Security Agents and Appliances to block
traffic from the source IP address for a period of time.

You can create a firewall rule to permanently block traffic from the
originating IP address.

The Intrusion Prevention Protection Modules must be enabled to
detect reconnaissance scans.




4 Which of the following statements is false regarding Firewall rules using
the Bypass action?

Applying a Firewall rule using the Bypass action to traffic in one
direction automatically applies the same action to traffic in the other
direction.

Firewall rules using the Bypass action can be optimized, allowing
traffic to flow as efficiently as if a Deep Security Agent was not there.

Firewall rules using the Bypass action allow incoming traffic to skip
both Firewall and Intrusion Prevention analysis.

Firewall rules using the Bypass action do not generate log events.




5 Based on the following exhibit, what behavior would you expect for the
Application Control Protection Module




https://success.trendmicro.com/LMS/apex/lmsilt__quiz?Id=a9C4P000000kG9sUAE&TLID=a9P4P000000lk22UAA&ue=ue&Type… 2/19

, 12/12/2019 https://success.trendmicro.com/LMS/apex/lmsilt__quiz?Id=a9C4P000000kG9sUAE&TLID=a9P4P000000lk22UAA&…




Since this computer is in Maintenance Mode, new or changed
software will be automatically added to the list of Allowed software in the
currently active ruleset.

Since this computer is in Maintenance Mode, Application Control will
allow any Blocked software to temporarily run.
Since this computer is in Maintenance Mode, Application Control will
ignore any Blocked software in the currently active ruleset.
Since this computer is in Maintenance Mode, updates to the
Application Control Protection Module will be applied.




6 Which of the following statements is true regarding Firewall Rules?

Firewall Rules applied through a parent-level Policy cannot be
unassigned in a child-level policy.

Firewall Rules are always processed in the order in which they
appear in the rule list, as displayed in the Deep Security manager Web
console.
Firewall Rules applied to Policy supersede similar rules applied to
individuals computers.

When traffic is intercepted by the network filter, Firewall Rules in the
policy are always applied before any other processing is done.




7 Which of following statements best describes Machine Learning in Deep
Security?

Machine Learning is a malware detection technique in which the
Deep Security Agent monitors process memory in real time and once a
process is deemed to be suspicious, Deep Security will perform
additional checks with the Smart Protection Network to determine if this
is a known good process.

Machine Learning is a malware detection technique in which files
are scanned based on the true file type as determined by the file content,
not the extension.

Machine Learning is malware detection technique in which features
of an executable file are compared against a cloud-based learning model
to determine the probability of the file being malware.

Machine Learning is malware detection technique in which

https://success.trendmicro.com/LMS/apex/lmsilt__quiz?Id=a9C4P000000kG9sUAE&TLID=a9P4P000000lk22UAA&ue=ue&Type… 3/19

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Themanehoppe. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $7.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

75323 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$7.99
  • (0)
  Add to cart