Chercher...

David Aman

Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts

002.11.1 - Exam: Kaspersky Endpoint Security and Management [e]>Deployment

Temps restant: 01:09:54
Progression
0 / 50
0%
1. What is the minimum amount of RAM required to install Kaspersky Endpoint Security for Windows (11.1.0) on
a 32-bit Windows operating system?

256 MB

512 MB

1024 MB

2048 MB
2. Which component is NOT available in Kaspersky Endpoint Security 11.1 for Windows?

Full Disk Encryption

File and Folder Backup

Device Control

Firewall
3. Which of the following Administration Server parameters cannot be modified without reinstalling Kaspersky
Security Center?

Shared folder location

 SQL server address

Administration Server account

Administration Server communication ports

4. ABC Inc. plans to deploy Kaspersky Security Center and Kaspersky Endpoint Security in a network segment
where there is no access to the Internet. What is the best way to activate the products in this case?

Any activation method can be used

With an activation code

With a key file

5. How will Kaspersky Endpoint Security be installed?
The administrator has selected to "Assign Network Agent installation in the Active Directory group policies" in the
remote installation task that installs Kaspersky Endpoint Security together with Network Agent.

If the administrator selects the option "Assign Network Agent installation in the Active Directory group policies", the
task will install only the Network Agent

The task will install Kaspersky Endpoint Security using Network Agent tools after the Agent connects to the Server

The task will install Kaspersky Endpoint Security using Windows tools, without waiting for the Network Agent to
install

The same way as Network Agent, the task will assign installing the MSI package of Kaspersky Endpoint Security in
the Active Directory policy
6. What is the primary function of the Kaspersky Network Agent?

Provide web access to the Administration Server interface

Provide local and remote access to the Administration Server interface

Provide communication between the Administration Server and Kaspersky Lab protection software

Store the event database

7. Which policy settings are compulsory in Kaspersky Security Center?

Locked policy settings

Unlocked policy settings

Settings of an active policy

8. Which group tasks and policies does the Quick Start wizard create on the Administration Server when started
from the Web console?

A policy for Kaspersky Security Center Network Agent

A Virus Scan task for Kaspersky Endpoint Security for Windows

A ‘Find vulnerabilities and required updates’ task for Network Agent

A Rollback task for Kaspersky Endpoint Security for Windows

An Update task for Kaspersky Endpoint Security for Windows

An out-of-office policy for Kaspersky Endpoint Security for Windows

A policy for Kaspersky Endpoint Security for Windows

9. When configuring a standalone installation package of Kaspersky Endpoint Security 11.1 for Windows in
Kaspersky Security Center for computers that do not have access to the network, how would you include custom
protection settings into the package?

Export the settings from the local Kaspersky Endpoint Security interface and copy this file into the folder where the
standalone package is located

Export the settings from the local Kaspersky Endpoint Security interface and specify this file as the configuration file
in the properties of the regular installation package prior to creating a standalone package

Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the configured settings to a file and specify
this file as the configuration file in the properties of the regular installation package prior to creating a standalone package

Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the necessary settings to a file and copy
this file into the folder that contains the standalone package files
10. How to do it without wasting time, either now or later?
There are 1000 computers in the company, approximately 200 of which are servers. During the next year, the company
plans to add about 500 computers to the network (servers and workstations). Now, all computers are located within the
"Managed devices" group, but the administrator has decided to group them according to the operating system type.

Create a selection of computers running server operating systems and another one for non-servers; create computer
relocation tasks for them

Configure a computer relocation rule based on the operating system type

Use the "Search" utility to find all computers with server operating systems and use the shortcut menu to move them
to their destination group; do the same to non-server operating systems; repeat as necessary
 Sort the list of computers in the "Managed devices" group by the operating system type, select servers and move them
to their destination group, then move the other computers into another group; repeat as necessary
11. Which of the following versions of SQL server is included with the Kaspersky Security Center 11
Administration Server distribution?

Microsoft SQL Server 2008 R2 Express

Microsoft SQL Server 2014 Express

Microsoft SQL Server 2016 Express

Microsoft SQL Server 2017 Express

None of the above

12. Select the correct statements about tasks in Kaspersky Security Center:

To make task settings enforced on the computers, the respective locks must be closed

By default, subgroups’ tasks inherit settings of the parent group’s tasks (as far as tasks of the same type are
concerned)

The administrator can exclude a subgroup from a task’s scope

The administrator can create a task for a set of computers belonging to different groups

There may not be more than one task for the same application in a group

There are active and inactive tasks

13. Select the recommended deployment plan:
To deploy protection in a network, you need to:

1. Install Network Agents

2. Install Kaspersky Endpoint Security
3. Install the Administration Server.

3, 2, 1

3, 1, 2

2, 3, 1

1, 2, 3
14. The administrator has selected to "Assign Network Agent installation in the Active Directory group policies"
in a remote installation task. How will the Network Agent installation files get on the computers?

The Administration Server will copy the files to the computers’ temporary folders over the network beforehand

Computers will download them from the shared folder on the domain controller

Computers will download them from the shared folder on the Administration Server

Computers will receive them from the domain controller together with the Active Directory group policy
15. There is a standalone package on the Administration Server that installs Kaspersky Endpoint Security with the
default set of components. How to make the package also install the "BadUSB Attack Prevention" component?

Open the folder where the standalone package is located and edit the installation string in the .kud file

Open the folder where the standalone package is located and edit the list of components in the .kud file

Select the component in the original Kaspersky Endpoint Security package and re-create the standalone package

Open the properties of the standalone package in the Administration Console and select the necessary component
16. If the administrator mistyped the Administration Server address in the installation wizard, where can this
address be modified in the Administration Console?

In the "Administration Server" properties

In properties of the node "Advanced | Remote installation | Installation packages" in the MMC console

In the properties of the installation package of Kaspersky Endpoint Security

In the properties of the Network Agent installation package

17. Which of the following database servers does Kaspersky Security Center 11 support?

Microsoft SQL Server 2005

Microsoft SQL Server 2008 R2

Microsoft SQL Server 2012

Microsoft SQL Server 2014

Microsoft SQL Server 2016

Microsoft SQL Server 2017

18. Where does Kaspersky Security Center store events of the computers that the administrator can see in the
reports?

In Kaspersky Security Network

In the SQL/MySQL database

In the Windows Event Log

In text event logs

19. Which of the following can be specified as the Administration Server connection address for Network Agents
in Kaspersky Security Center 11?

Email address

DNS name

NetBIOS name

IPv6 address

IPv4 address

MAC address
20. Select the correct statement:

If a computer is included in several groups, a policy is not applied to it

A computer cannot be included in several groups

If a computer is included in several groups, the policy that is higher in the Policies node is applied to it

If a computer is included in several groups, the policy of the group that is higher in the list is applied
21. Which of the following operating systems does Kaspersky Endpoint Security for Windows (11.1.0) support?

Microsoft Windows Server 2003

Microsoft Windows Server 2003 R2

Microsoft Windows Server 2008

Microsoft Windows Server 2008 R2

Microsoft Windows Server 2012

 Microsoft Windows Server 2012 R2

Microsoft Windows Server 2016

22. Which of the following database servers does Kaspersky Security Center 11 support?

Amazon RDS for MySQL

Amazon RDS for SQL Server

Microsoft Azure SQL Database

MySQL Enterprise 5.7

Microsoft SQL Server 2017 on Linux

Microsoft SQL Server 2017 on Windows

Microsoft SQL Server 2012

23. Which program types does the installer of Kaspersky Security Center Network Agent consider to be
incompatible and try to delete?

Third-party antiviruses

Third-party agents (such as ePO Agent)

Third-party backup tools

Third-party remote management tools (such as TeamViewer, VNC, RemoteAdmin, etc.)

None
AnnulerRéinitialiserSuivantEnvoyer

GDPR Politique de confidentialité Actualités

Support technique Contacts

© 2020 AO Kaspersky. All Rights Reserved
 Chercher...
David Aman

Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts

002.11.1 - Exam: Kaspersky Endpoint Security and Management [e]>Protection management

Temps restant: 00:31:53
Progression
23 / 50
46%
24. Into which trust group does Host Intrusion Prevention move programs by default for which it cannot receive
information from KSN?

Untrusted

High Restricted

Low Restricted

Trusted
25. Which component or subsystem of Kaspersky Endpoint Security 11.1 for Windows causes this behaviour?
The administrator has noticed that the interface of Kaspersky Endpoint Security 11.1 for Windows doesn’t respond to
commands when accessing the computer via a 3rd-party remote desktop tool.

Firewall

Self-Defense

Behaviour Detection

Host Intrusion Prevention

 None of the above
26. Which access to network do programs get that belong to the High Restricted group on Microsoft Windows
Server 2012 R2 protected with Kaspersky Endpoint Security 11.1 under the default settings?

Access to trusted and local networks

Access only to trusted networks

Full network access

None, because the Host Intrusion Prevention component will block them
27. Under which conditions does Kaspersky Endpoint Security switch to the out-of-office mode with the enabled
option "Switch to out-of-office policy when Administration Server is not available"?

After an unsuccessful synchronization, if the client computer does not receive an answer to the command "ping
<Administration Server address>"

After an unsuccessful synchronization, if the client computer fails to resolve the Administration Server name

After three successive failed synchronizations with the Administration Server or after all networks have been
disconnected

After an unsuccessful synchronization with the Administration Server

28. A user tries to download an infected object over HTTPS. Which component of Kaspersky Endpoint Security
11.1 for Windows will be the first to detect it?

Network Threat Protection

Host Intrusion Prevention

File Threat Protection

Web Threat Protection

29. In which of the following cases will Kaspersky Endpoint Security 11.1 for Windows consider a file to be non-
infected?

Signature or heuristic analysis returned the "Clean" verdict, while the KSN database considers the file to be infected

Signature or heuristic analysis returned the "Infected" verdict, while the KSN database considers the file to be clean
30. Which component of Kaspersky Endpoint Security 11.1 for Windows except "Web Threat Protection" takes
part in protection against phishing?

File Threat Protection

 Mail Threat Protection

Web Control

None of the above

31. How does Kaspersky Endpoint Security 11.1 for Windows protect against ransomware that encrypts files?

It backs up documents and if a document gets encrypted by malware, it restores it from a backup copy

It automatically brute-forces the key and decrypts the encrypted documents

It heuristically detects encryption attempts and blocks malware

It generates bitcoin cryptocurrency for the ransom in the background

32. Kaspersky Endpoint Security 11.1 for Windows is installed with the default settings. In which of the following
networks are programs belonging to the "Low restricted" group allowed to exchange packets?

Trusted networks

Local networks

Public networks

None of the above

33. Select the correct statements about exclusions for files and folders in Kaspersky Endpoint Security:

A folder’s path must end with "\"

You can use regular expressions, such as "@"\w\\(?:Ft|Dev)\\Branch\\?$""

You can use wildcards: "?" and "*"

You can use environment variables, such as "%programfiles%"

34. How will Web Threat Protection scan https traffic under the default settings if a website uses an EV
certificate?

At the first connection, the certificate will be substituted, https traffic will be scanned. At subsequent connections, the
certificate will NOT be substituted, https traffic will NOT be scanned

The certificate will be substituted, https traffic will be scanned

The certificate will NOT be substituted, https traffic will NOT be scanned
35. How can you exclude a file from the File Threat Protection scope?
 Modify the protection scope of File Threat Protection

Add the certificate with which the file is signed to the computers’ certificate store and configure an exclusion for this
store

Set the file scan time limit to maximum

Add the program that accesses the file to the list of trusted processes

Add the path to the file or folder to the list of exclusions

36. You want the Firewall in Kaspersky Endpoint Security 11.1 for Windows to allow any packets from
192.168.12.25. How can you achieve this?

Create an exclusion for the address 192.168.12.25 in the "Trusted zone"

Create an Application control rule that allows all inbound and outbound packets to/from 192.168.12.25, and specify
«*» for the application

Create a "Network packet rule" that allows all inbound and outbound packets to/from the address 192.168.12.25 and
place it on top of the rule list

Specify a network with address 192.168.12.25/32 and assign the "Trusted Network" status to it
37. What does the Firewall do with a packet that meets conditions of several rules, including allow and block?

Applies the rule that is lower in the list

Applies the rule that is higher in the list

Blocks the packet

Allows the packet

AnnulerRéinitialiserPrécédentSuivantEnvoyer

GDPR Politique de confidentialité Actualités

Support technique Contacts

© 2020 AO Kaspersky. All Rights Reserved
 Chercher...
David Aman

Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts

002.11.1 - Exam: Kaspersky Endpoint Security and Management [e]>Security Controls

Temps restant: 00:08:38
Progression
37 / 50
74%
38. The administrator wants to configure Device Control settings in the policy of Kaspersky Endpoint Security
11.1 for Windows, but the control options are not displayed in the policy. How should the administrator fix this?

Load a Kaspersky Endpoint Security for Business "Advanced" license into Kaspersky Security Center

Open the Kaspersky Security Center interface settings and select the "Display endpoint control settings" check box

Run a "Change application components" task and select the "Standard" installation type instead of the "Basic
installation" type

None of the above

39. What should the administrator do to be able to create Application Control rules?
After completing the Quick Start wizard of the Kaspersky Security Center 11 Administration Server, the administrator
opens the policy of Kaspersky Endpoint Security 11.1 for Windows to configure Application Control rules. It turns out
that to set up the rules, you need to select application categories from the list, which is empty.

Create and run the "Inventory" task on at least one computer

Just wait for the databases to be updated on the Administration Server

Create application categories in the "Advanced | Application management | Application categories" node on the
Administration Server

Create application categories in the Application Control settings

40. How can you configure an exclusion for Internet Explorer?
You want to configure the policy of Kaspersky Endpoint Security 11.1 for Windows to prohibit the use of all browsers
except Internet Explorer. For this purpose, you have created an application category named "Browsers", which coincides
with the "Web Browsers" "KL category", and prohibited its start.

This scenario cannot be implemented in Kaspersky Endpoint Security 11.1 for Windows

Create a category for Internet Explorer, create an allow rule for this category, and move it to the bottom of the list of
rules

Create a category for Internet Explorer, create a rule allowing the start of programs of this category, and place it
higher on the list than the rule that prohibits "Browsers"

Create an exclusion for Internet Explorer in the created "Browsers" category

41. Which executable files will get into this category?
The administrator of Kaspersky Security Center 11 connects the ММС console to the locally installed Administration
Server, creates an automatically filled application category, and specifies the С:\Program Files\Microsoft\ folder as a
parameter.

The files whose metadata coincides with the metadata of the files located in "С:\Program Files\Microsoft\" on the
Administration Server

The files that have the same certificate as any of the files located in "С:\Program Files\Microsoft\" on the
Administration Server

The files whose SHA-256 checksum coincides with the checksum of a file located in "С:\Program Files\Microsoft\"
on the Administration Server

The files whose MD5 checksum coincides with the checksum of a file located in "C:\Program Files\Microsoft\" on
the Administration Server
42. You want to prohibit the users from starting any browser except for Internet Explorer. You don’t want to
block any other kinds of applications. Which of the components within Kaspersky Endpoint Security 11.1 for
Windows is the right tool for the job?

Adaptive Anomaly Control

Web Control

Device Control

Host Intrusion Prevention

Application Control
43. If the "Block" action is selected for the USB bus in Device Control of Kaspersky Endpoint Security 11.1 for
Windows, and "Allow" for the "Removable drives" category, will the users be able to access removable drives
connected over USB?

No

Yes

Yes, but only the users who have Local Administrator privileges

Yes, but only encrypted drives

44. Which actions can be specified in the Web Control rules of Kaspersky Endpoint Security 11.1 for Windows?

Test

Warn

Block

Allow
AnnulerRéinitialiserPrécédentSuivantEnvoyer

GDPR Politique de confidentialité Actualités

Support technique Contacts

© 2020 AO Kaspersky. All Rights Reserved

Chercher...
David Aman

Produits et services
Programme partenaires
Ventes
Marketing
Formations
Incentives
Contacts

002.11.1 - Exam: Kaspersky Endpoint Security and Management [e]>Maintenance

Temps restant: 00:02:40
Progression
44 / 50
88%
45. Can the start of group update tasks be randomized in Kaspersky Security Center 11 to avoid simultaneous
connections of all client computers to the Administration Server?

Yes

Yes, but only if the "From 1000 to 5000 computers" or "More than 5000 computers" option was selected during the
installation of the Administration Server

Yes, but only if the computers are organized into several subgroups with update tasks having different schedules

No
46. How can you make the computers’ status normal again?
Several computers have the "Warning" status with the "Many viruses detected" description in Kaspersky Security Center
11 Administration Console. You have studied the event history on these computers and decided that the computers are out
of danger, because all threats have been neutralized correctly.

The status will normalize automatically in 24 hours

Delete the infected objects from the "Backup" repository

Carry out the "Reset Virus Counter" command

Delete the virus detection events from the Administration Server database
47. What is the purpose of the klmover.exe utility?

It helps to modify the parameters that Network Agent uses to connect to the Administration Server

It synchronizes the Network Agent’s settings with the Administration Server

It helps to check the Agent—Server connection

48. Where can you approve installation of a Maintenance Release of Kaspersky Endpoint Security in the
Kaspersky Security Center Web Console?

In the properties of the Kaspersky Endpoint Security Update task

 Operations | Repositories | Installation packages

Operations | Kaspersky Lab applications | Seamless updates

Operations | Kaspersky Lab applications | Kaspersky Lab software updates and patches
49. The databases are regularly updated in the repository, but the group task starts on the client computers only
after a planned synchronization rather than immediately. Why?
Consider a network protected with Kaspersky Endpoint Security 11.1 and managed through Kaspersky Security Center
11.
There is a group update task scheduled to start "When new updates are downloaded to the repository".

This schedule is expected to work in this manner by design

A Distribution Point is not assigned to the group

UDP port 15000 is inaccessible on the Administration Server (for example, blocked by the firewall)

UDP port 15000 is inaccessible on the client computer (for example, blocked by the firewall)
50. How can you achieve this?
Many computers have the "Critical" status with the "Not scanned for a long time" description in Kaspersky Security
Center 11 Administration Console. The administrator thinks that it is not a problem and does not want this condition to
influence computer statuses.

Modify the status change conditions in the policy of Kaspersky Endpoint Security for Windows

Modify the status change conditions in the administration groups’ properties

Modify the status change conditions in the Administration Server properties

It is not possible
AnnulerRéinitialiserPrécédentEnvoyer

GDPR Politique de confidentialité Actualités

Support technique Contacts

© 2020 AO Kaspersky. All Rights Reserved