Professional Documents
Culture Documents
Chercher... : David Aman
Chercher... : David Aman
Chercher... : David Aman
David Aman
Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts
256 MB
512 MB
1024 MB
2048 MB
2. Which component is NOT available in Kaspersky Endpoint Security 11.1 for Windows?
Device Control
Firewall
3. Which of the following Administration Server parameters cannot be modified without reinstalling Kaspersky
Security Center?
If the administrator selects the option "Assign Network Agent installation in the Active Directory group policies", the
task will install only the Network Agent
The task will install Kaspersky Endpoint Security using Network Agent tools after the Agent connects to the Server
The task will install Kaspersky Endpoint Security using Windows tools, without waiting for the Network Agent to
install
The same way as Network Agent, the task will assign installing the MSI package of Kaspersky Endpoint Security in
the Active Directory policy
6. What is the primary function of the Kaspersky Network Agent?
Provide communication between the Administration Server and Kaspersky Lab protection software
Export the settings from the local Kaspersky Endpoint Security interface and copy this file into the folder where the
standalone package is located
Export the settings from the local Kaspersky Endpoint Security interface and specify this file as the configuration file
in the properties of the regular installation package prior to creating a standalone package
Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the configured settings to a file and specify
this file as the configuration file in the properties of the regular installation package prior to creating a standalone package
Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the necessary settings to a file and copy
this file into the folder that contains the standalone package files
10. How to do it without wasting time, either now or later?
There are 1000 computers in the company, approximately 200 of which are servers. During the next year, the company
plans to add about 500 computers to the network (servers and workstations). Now, all computers are located within the
"Managed devices" group, but the administrator has decided to group them according to the operating system type.
Create a selection of computers running server operating systems and another one for non-servers; create computer
relocation tasks for them
Use the "Search" utility to find all computers with server operating systems and use the shortcut menu to move them
to their destination group; do the same to non-server operating systems; repeat as necessary
Sort the list of computers in the "Managed devices" group by the operating system type, select servers and move them
to their destination group, then move the other computers into another group; repeat as necessary
11. Which of the following versions of SQL server is included with the Kaspersky Security Center 11
Administration Server distribution?
To make task settings enforced on the computers, the respective locks must be closed
By default, subgroups’ tasks inherit settings of the parent group’s tasks (as far as tasks of the same type are
concerned)
The administrator can create a task for a set of computers belonging to different groups
There may not be more than one task for the same application in a group
3, 2, 1
3, 1, 2
2, 3, 1
1, 2, 3
14. The administrator has selected to "Assign Network Agent installation in the Active Directory group policies"
in a remote installation task. How will the Network Agent installation files get on the computers?
The Administration Server will copy the files to the computers’ temporary folders over the network beforehand
Computers will download them from the shared folder on the domain controller
Computers will download them from the shared folder on the Administration Server
Computers will receive them from the domain controller together with the Active Directory group policy
15. There is a standalone package on the Administration Server that installs Kaspersky Endpoint Security with the
default set of components. How to make the package also install the "BadUSB Attack Prevention" component?
Open the folder where the standalone package is located and edit the installation string in the .kud file
Open the folder where the standalone package is located and edit the list of components in the .kud file
Select the component in the original Kaspersky Endpoint Security package and re-create the standalone package
Open the properties of the standalone package in the Administration Console and select the necessary component
16. If the administrator mistyped the Administration Server address in the installation wizard, where can this
address be modified in the Administration Console?
In properties of the node "Advanced | Remote installation | Installation packages" in the MMC console
Email address
DNS name
NetBIOS name
IPv6 address
IPv4 address
MAC address
20. Select the correct statement:
If a computer is included in several groups, the policy that is higher in the Policies node is applied to it
If a computer is included in several groups, the policy of the group that is higher in the list is applied
21. Which of the following operating systems does Kaspersky Endpoint Security for Windows (11.1.0) support?
Third-party antiviruses
None
AnnulerRéinitialiserSuivantEnvoyer
Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts
Untrusted
High Restricted
Low Restricted
Trusted
25. Which component or subsystem of Kaspersky Endpoint Security 11.1 for Windows causes this behaviour?
The administrator has noticed that the interface of Kaspersky Endpoint Security 11.1 for Windows doesn’t respond to
commands when accessing the computer via a 3rd-party remote desktop tool.
Firewall
Self-Defense
Behaviour Detection
None, because the Host Intrusion Prevention component will block them
27. Under which conditions does Kaspersky Endpoint Security switch to the out-of-office mode with the enabled
option "Switch to out-of-office policy when Administration Server is not available"?
After an unsuccessful synchronization, if the client computer does not receive an answer to the command "ping
<Administration Server address>"
After an unsuccessful synchronization, if the client computer fails to resolve the Administration Server name
After three successive failed synchronizations with the Administration Server or after all networks have been
disconnected
Signature or heuristic analysis returned the "Clean" verdict, while the KSN database considers the file to be infected
Signature or heuristic analysis returned the "Infected" verdict, while the KSN database considers the file to be clean
30. Which component of Kaspersky Endpoint Security 11.1 for Windows except "Web Threat Protection" takes
part in protection against phishing?
Web Control
It backs up documents and if a document gets encrypted by malware, it restores it from a backup copy
Trusted networks
Local networks
Public networks
At the first connection, the certificate will be substituted, https traffic will be scanned. At subsequent connections, the
certificate will NOT be substituted, https traffic will NOT be scanned
The certificate will NOT be substituted, https traffic will NOT be scanned
35. How can you exclude a file from the File Threat Protection scope?
Modify the protection scope of File Threat Protection
Add the certificate with which the file is signed to the computers’ certificate store and configure an exclusion for this
store
Add the program that accesses the file to the list of trusted processes
Create an Application control rule that allows all inbound and outbound packets to/from 192.168.12.25, and specify
«*» for the application
Create a "Network packet rule" that allows all inbound and outbound packets to/from the address 192.168.12.25 and
place it on top of the rule list
Specify a network with address 192.168.12.25/32 and assign the "Trusted Network" status to it
37. What does the Firewall do with a packet that meets conditions of several rules, including allow and block?
Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts
Load a Kaspersky Endpoint Security for Business "Advanced" license into Kaspersky Security Center
Open the Kaspersky Security Center interface settings and select the "Display endpoint control settings" check box
Run a "Change application components" task and select the "Standard" installation type instead of the "Basic
installation" type
Create application categories in the "Advanced | Application management | Application categories" node on the
Administration Server
This scenario cannot be implemented in Kaspersky Endpoint Security 11.1 for Windows
Create a category for Internet Explorer, create an allow rule for this category, and move it to the bottom of the list of
rules
Create a category for Internet Explorer, create a rule allowing the start of programs of this category, and place it
higher on the list than the rule that prohibits "Browsers"
The files whose metadata coincides with the metadata of the files located in "С:\Program Files\Microsoft\" on the
Administration Server
The files that have the same certificate as any of the files located in "С:\Program Files\Microsoft\" on the
Administration Server
The files whose SHA-256 checksum coincides with the checksum of a file located in "С:\Program Files\Microsoft\"
on the Administration Server
The files whose MD5 checksum coincides with the checksum of a file located in "C:\Program Files\Microsoft\" on
the Administration Server
42. You want to prohibit the users from starting any browser except for Internet Explorer. You don’t want to
block any other kinds of applications. Which of the components within Kaspersky Endpoint Security 11.1 for
Windows is the right tool for the job?
Web Control
Device Control
Application Control
43. If the "Block" action is selected for the USB bus in Device Control of Kaspersky Endpoint Security 11.1 for
Windows, and "Allow" for the "Removable drives" category, will the users be able to access removable drives
connected over USB?
No
Yes
Yes, but only the users who have Local Administrator privileges
Test
Warn
Block
Allow
AnnulerRéinitialiserPrécédentSuivantEnvoyer
Chercher...
David Aman
Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts
Yes
Yes, but only if the "From 1000 to 5000 computers" or "More than 5000 computers" option was selected during the
installation of the Administration Server
Yes, but only if the computers are organized into several subgroups with update tasks having different schedules
No
46. How can you make the computers’ status normal again?
Several computers have the "Warning" status with the "Many viruses detected" description in Kaspersky Security Center
11 Administration Console. You have studied the event history on these computers and decided that the computers are out
of danger, because all threats have been neutralized correctly.
Delete the virus detection events from the Administration Server database
47. What is the purpose of the klmover.exe utility?
It helps to modify the parameters that Network Agent uses to connect to the Administration Server
Operations | Kaspersky Lab applications | Kaspersky Lab software updates and patches
49. The databases are regularly updated in the repository, but the group task starts on the client computers only
after a planned synchronization rather than immediately. Why?
Consider a network protected with Kaspersky Endpoint Security 11.1 and managed through Kaspersky Security Center
11.
There is a group update task scheduled to start "When new updates are downloaded to the repository".
UDP port 15000 is inaccessible on the Administration Server (for example, blocked by the firewall)
UDP port 15000 is inaccessible on the client computer (for example, blocked by the firewall)
50. How can you achieve this?
Many computers have the "Critical" status with the "Not scanned for a long time" description in Kaspersky Security
Center 11 Administration Console. The administrator thinks that it is not a problem and does not want this condition to
influence computer statuses.
Modify the status change conditions in the policy of Kaspersky Endpoint Security for Windows
It is not possible
AnnulerRéinitialiserPrécédentEnvoyer