Total time to complete this test is 70 minutes, you have 57 minutes remaining

Question 1
What does password that can be specified in the Network Agent policy
prevent?

Network Agent uninstallation

Stopping the Network Agent service
Starting the klnagchk.exe and klmover.exeutilities
Carrying out the command send heartbeat that forces synchronization with the Server

Question 2
Which permission is to be given to a trusted process in Trusted zone of
Kaspersky Endpoint Security to make File Threat Protection NOT scan
files the process accesses?

Do not scan opened files

Do not monitor application activity
Do not block interaction with the application interface
Special permissions are not necessary, File Threat Protection does not scan any files accessed
by trusted processes

Question 3
In the Web Control section of the Kaspersky Endpoint Security 11 policy,
you created a rule that prohibits all users from opening facebook.com and
a rule that allows the HR department to access facebook.com. However,
access to facebook.com has been blocked for everyone. Why?

The blocking rule is higher than the allowing rule on the list
A blocking rule always has priority over allowing rules
Web Control exclusions are to be specified in the Trusted zone
The standard Default allowing rule is disabled

Question 4
The administrator has selected to Assign Network Agent installation in
the Active Directory group policies in the remote installation task.
When will the Network Agent installation be finished on the target
computers?
 In a few minutes after the task starts
In a few minutes after the computers receive the Active Directory group policy
At the next restart of the computers
The next time that the users log on to the domain from the target computers

Question 5
In which case can you comparatively safely disable scan of network
drives by File Threat Protection of Kaspersky Endpoint Security?

Web Threat Protection is enabled on the computers, which scans data transferred over the
network
Network Threat Protection is enabled on the computers, which scans data transferred over the
network
A scheduled virus scan task is configured for the computers, which scans network drives
Protection software is installed on the servers where network drives are located

Question 6
The administrator has selected to Assign Network Agent installation in
the Active Directory group policies in the remote installation task that
installs Kaspersky Endpoint Security together with Network Agent. How
will Kaspersky Endpoint Security be installed?

The same way as Network Agent, the task will assign installing the MSI package of Kaspersky
Endpoint Security in the Active Directory policy
The task will install Kaspersky Endpoint Security using Windows tools, without waiting for the
Network Agent to install
The task will install Kaspersky Endpoint Security using Network Agent tools after the Agent
connects to the Server
If the administrator selects the option Assign Network Agent installation in the Active
Directory group policies, the task will install only the Network Agent

Question 7
Consider Kaspersky Security Center 10. The administrator selected
the Path to folder parameter as a condition for an application category
and specified the C:\Program Files\Microsoft\ value. Which executable
files will meet this condition?

The files whose checksums coincide with the checksums of the files that were located in
folder С:\Program Files\Microsoft\ on the Administration Server when the category was being
created
 The files whose checksums coincide with the checksums of the files located in С:\Program
Files\Microsoft\ on the Administration Server. Every time the Administration Server is restarted,
the list of checksums is updated to reflect the current folder contents
The files whose metadata coincides with the metadata of a file located in С:\Program
Files\Microsoft\ on the Administration Server
The files whose path begins with С:\Program Files\Microsoft\

Question 8
With which utility can you check connection between the Network Agent
and the Administration Server and synchronize their settings?

klmover.exe
klnagchck.exe
GetSystemInfo.exe

Question 9
Which compound objects does File Threat Protection scan under the
default settings?

Archives
Installation packages
Office files
None

Question 10
In which of the following situations you need NOT specify the
administrator account in the remote installation task?

The administrator account is disabled on the remote computer

Network Agent is already installed on the computer and connected to the Server
The account of the Administration Server service has administrator permissions on the
computer
Windows 10 operating system is installed on the computer
The computer has been prepared with the RIPrep.exe utility
Kaspersky Endpoint Security 10 SP2 is already installed on the computer

Question 11
What is the minimum amount of RAM required to install Kaspersky
Endpoint Security 11 for Windows on Windows 7x32 according to the
system requirements?

256
512
1024
1536

Question 12
What does the Firewall do with a packet if cannot find a matching rule for
it neither among packet rules, nor among rules for applications?

Allows
Blocks
Prompts the user
The Firewall can always find a matching rule for a packet

Question 13
The administrator has found out that Kaspersky Endpoint Security
conflicts with homeware, and added an exclusion to the policy. How to
make the exclusion work on the computers immediately after Kaspersky
Endpoint Security is installed rather than after computers download the
policy?

Move new computers to the group where the policy is configured before installing Kaspersky
Endpoint Security
Export the policy to a file and copy it into the folder where the installation package files of
Kaspersky Endpoint Security are located
Add a configuration file with the exclusion to the installation package of Kaspersky Endpoint
Security (you can export the settings on an already configured computer)
Set the Network Agent’s synchronization interval to 0 minutes

Question 14
Which network polling methods are enabled by default in Kaspersky
Security Center 10 Administration Server?

Quick Windows Network Poll

Full Windows Network Poll
Active Directory polling
 IP range polling

Question 15
ABC Inc. plans to deploy Kaspersky Security Center and Kaspersky
Endpoint Security in a network segment where there is no access to the
Internet. How would you advise to activate the products?

With a key file

With an activation code
Any activation method can be used

Question 16
Where can you find the list of computers blocked by the Network Threat
Protection component?

In the local interface of Kaspersky Endpoint Security, in the Network Monitor window that you
can open via the shortcut menu of the Network Threat Protection component
In the local interface of Kaspersky Endpoint Security, in the Network Monitor window that you
can open from the Protection Componentswindow
In Kaspersky Security Center Administration Console, in the properties of the attacked
computer, in the statistics window of the Kaspersky Endpoint Security for Windows application
In Kaspersky Security Center Administration Console, in the node Advanced \ Repositories \
Quarantine

Question 17
Which of the following reports does the Deliver reports task (which is
created by the Administration Server Quick Start wizard) email by
default?

All reports whose templates are available on the Administration Server

Protection status report
Threats report
Threats report, Protection status report, Database usage report, and Kaspersky Lab software
version report

Question 18
Which of the following can the Mail Threat Protection component of
Kaspersky Endpoint Security 11 for Windows do?

Scan webmail traffic

 Filter e-mail attachments
Scan SMTP/POP3/IMAP/NNTP traffic
Scan MAPI traffic in Microsoft Office Outlook

Question 19
Under which conditions does Kaspersky Endpoint Security switch to the
out-of-office mode with the default settings?

None. Conditions are not specified by default

After an unsuccessful synchronization with the Administration Server
After three unsuccessful synchronizations with the Administration Server or after all networks
have been disconnected

Question 20
Which port of the Administration Server do Network Agents connect to
under the default settings?

TCP 13000
TCP 14000
TCP 13291
UDP 15000

Question 21
The network is protected with Kaspersky Endpoint Security 11 and
managed with Kaspersky Security Center 10. The administrator has
cleared the check box Display program interface in the Kaspersky
Endpoint Security policy 11 for Windows. What CANNOT be hidden from
the user?

Started processes of Kaspersky Endpoint Security

Started services of Kaspersky Endpoint Security
Kaspersky Endpoint Security in the list of installed programs
Kaspersky Endpoint Security icon in the notification area
Kaspersky Endpoint Security shortcut in the Startmenu

Question 22
How does the remote installation task of Kaspersky Endpoint Security for
Windows 11 behave by default if a third-party protection application is
detected on a computer?

Returns an error and prompts the administrator to uninstall the application manually
Uninstalls the third-party protection application automatically and proceeds with the
installation
Installs Kaspersky Endpoint Security, but completes with a warning that the third-party
protection application must be uninstalled
Prompts the user whether to uninstall the third-party protection application

Question 23
Which of the listed below is a known limitation of the Web Control
component in Kaspersky Endpoint Security 11?

It can’t block content by data type over an https connection

It can’t block any website accessed over an https connection
It works only with the mainstream web browsers, such as Internet Explorer, Mozilla Firefox,
Google Chrome
None of the above

Question 24
A network consists of:
27 computers running Microsoft Windows Server 2012 R2
5 computers running Microsoft Windows Server 2008
130 computers running Microsoft Windows 7 Professional
70 computers running Microsoft Windows 10.

How many remote installation tasks (minimum) do you need to create to

install Kaspersky Endpoint Security 11 on all machines?

1
2
3
232

Question 25
Consider a network protected with Kaspersky Endpoint Security 11 and
managed through Kaspersky Security Center 10.
There is a group update task scheduled to start When new updates are
downloaded to the repository. The databases are regularly updated in
the repository, but the group task starts on the client computers only
after a planned synchronization rather than immediately. Why?

UDP port 15000 is inaccessible on the client computer (for example, blocked by the firewall)
UDP port 15000 is inaccessible on the Administration Server (for example, blocked by the
firewall)
Update agent is not assigned to the group
It is intended to function in this manner

Question 26
A workstation is managed remotely through Kaspersky Security Center
10 with the default settings. Which of the following events invoke pop-up
notifications in the local interface of Kaspersky Endpoint Security 11 for
Windows?

Threats have been detected

Suspicious object detected
Network attack detected
Application startup prohibited

Question 27
During the installation of Kaspersky Security Center 10, the DNS name of
the Administration Server was specified for its connection address.
Before deploying Kaspersky Network Agents, the administrator decides
that the Server’s IP address should be used for connections. How would
you make this change?

Run the Quick Start wizard again

Modify the address in the Administration Server policy
Modify the address in the Network Agent policy
Modify the Administration Server address in the properties of the Network Agent installation
package

Question 28
In which case will Kaspersky Endpoint Security 11 for Windows consider
a file to be non-infected?

Signature or heuristic analysis returned theInfected verdict, while the KSN database considers
the file to be clean
 Signature or heuristic analysis returned theClean verdict, while the KSN database considers
the file to be infected

Question 29
Installation on which of the following operating systems does Kaspersky
Endpoint Security for Windows 11 support?

Microsoft Small Business Server 2011

Microsoft Windows Embedded Standard 7
Microsoft Windows Server 2012 R2 (Server Core)
Microsoft Windows Server 2012 Foundation

Question 30
You have found out that the Firewall hampers an application that belongs
to the High Restricted group. Which of the following measures can solve
the issue?

Create allow packet rules for the application’s ports and protocols, and move them to the top of
the list of rules
Add the application’s executable file to the list of trusted in the Trusted zone and select the
check box Do not scan network traffic for it
Add the application’s executable file to the list of paths excluded from scanning in the Trusted
zone
Manually put the application’s executable files into the Low restricted or Trusted group in
the Kaspersky Endpoint Security policy

Question 31
Which certificate does Kaspersky Security Center 10 Administration
Server use for encrypted connections with Kaspersky Network Agents?

Kaspersky Lab certificate

The certificate specified by the administrator during the Administration Server installation
The certificate automatically generated during the Administration Server installation
The Administration Server does not encrypt connections with Network Agents

Question 32
You want the Firewall in Kaspersky Endpoint Security 11 for Windows to
allow any packets from 192.168.12.25. How can you achieve this?

Specify a network with address 192.168.12.25/32 and assign the Trusted Network status to it
 Create a Network packet rule that allows all inbound and outbound packets to/from the
address 192.168.12.25 and place it on top of the rule list
Create an Application control rule that allows all inbound and outbound packets to/from
192.168.12.25, and specify «*» for the application
Create an exclusion for the address 192.168.12.25 in the Trusted zone

Question 33
Select the correct statements about policies in Kaspersky Security Center:

There are active and inactive policies

There may not be more than one active policy for the same application in a group
The administrator can create a policy for a set of computers belonging to different groups
The administrator can exclude a subgroup from a policy’s scope
Active subgroups’ policies by default inherit the locked settings of the active policy of a parent
group (as far as policies of the same application are concerned)
To make policy settings enforced on the computers, the respective locks must be closed

Question 34
Which access to network do programs get that belong to the Untrusted
group on Microsoft Windows 7 protected with standard installation of
Kaspersky Endpoint Security 11 under the default settings?

None, because the Host Intrusion Prevention component will block them
Full network access
Access only to trusted networks
Access to trusted and local networks

Question 35
The update task of Kaspersky Endpoint Security for Windows has Update
settings for local mode and Update settings for mobile mode. Under which
conditions are Update settings for mobile mode used?

The update task has no update settings for mobile mode

If the conditions of switching to the mobile mode (which are specified in the Network Agent
policy) are met
If the conditions of switching to the mobile mode (which are specified in the Network Agent
policy) are met, and the out-of-office policy is applied to the computer
If all sources specified in the settings for local mode are inaccessible
Question 36
You plan to use SNMP protocol to monitor status and receive notifications
from Kaspersky Security Center 10 Administration Server. However,
the SNMP agent component is missing from the list of Administration
Server components in the installation wizard. Why?

SNMP agent is an Administration Console component, not a Server component

The SNMP agent component has a separate installer
SNMP agent is always installed, it does not need to be selected as an option
SNMP agent is not displayed if the SNMP service (a component of Windows operating system)
is not installed on the computer

Question 37
Many computers have the Critical status with the Not scanned for a
long time description in Kaspersky Security Center 10 Administration
Console. The administrator thinks that it is not a problem and does not
want this condition to influence computer statuses. How can you achieve
this?

It is not possible
Modify the status change conditions in the Administration Server properties
Modify the status change conditions in the administration groups’ properties
Modify the status change conditions in the policy of Kaspersky Endpoint Security 11 for
Windows

Question 38
Which functions of Kaspersky Endpoint Security for Windows are NOT
available under the KESB Select license?

Full Disk Encryption

File Level Encryption
Device Control
Integrity Check

Question 39
Installation on which operating systems does Kaspersky Security Center
10 SP3 Administration Server NOT support?

Microsoft Windows XP Pro SP2

 Microsoft Windows Vista
Microsoft Windows 7 Ultimate SP1
Microsoft Windows 8 Pro
Microsoft Windows 10 Enterprise

Question 40
Which connections are High Restricted applications prohibited from
establishing in Trusted networks under the default settings?

None
DNS requests and connections over mail protocols
DNS, e-mail, remote desktop connections, and ICMP protocol
All

Question 41
There is a standard computer selection named Many viruses detected in
the Kaspersky Security Center 10 Administration Console. What does
“many” mean?

The number specified for the Many viruses detected status in the group properties
The number specified in the selection properties
More than 0
More than 10 viruses per 10 minutes

Question 42
Which of the following capabilities are implemented as group tasks in
Kaspersky Endpoint Security for Windows?

Update
Virus Scan
Network Threat Protection
Change Application Components

Question 43
In which of the following web browsers can’t Web Threat Protection of
Kaspersky Endpoint Security 11 for Windows block dangerous objects?

Internet Explorer
 Mozilla Firefox
Google Chrome
None of the above (meaning, blocks in all of them)

Question 44
Where can you disable installation of unapproved patches for Kaspersky
Security Center 10 Network Agent?

In the Administration Server properties

In the properties of the “Download updates to the repository” task
In the Network Agent policy
In the Network Agent update task

Question 45
Which scan scope does the virus scan task have, which the Quick Start
wizard of Kaspersky Security Center creates for Kaspersky Endpoint
Security?

The whole computer

All removable drives, all local drives, all network drives
Kernel Memory, Running processes and Startup Objects, Disk boot sectors, %systemroot%\,
%systemroot%\system\, %systemroot%\system32\, %systemroot%\system32\drivers\,
%systemroot%\syswow64\, %systemroot%\syswow64\drivers\2/label>
Kernel Memory, Running processes and Startup Objects, Disk boot sectors, %systemroot%\,
%programfiles%\, %programfiles(x86)%

Question 46
Installation on which virtual platforms does the Kaspersky Security
Center 10 Administration Server support?

VMware vSphere
Microsoft Hyper-V Server
Citrix XenServer
KVM
VMware Workstation
Oracle VM VirtualBox
Parallels Desktop
Question 47
A legitimate application, which users need for their work, is being
categorized as Untrusted and blocked by Kaspersky Endpoint Security
11 for Windows. You want to prevent this without compromising the
level of protection too much. What are your options?

Manually put the application into a group other than Untrusted in the Host Intrusion
Prevention settings
Add the application to the Trusted zone with the option Do not monitor application activity
Disable the use of KSN
Disable the Host Intrusion Prevention component

Question 48
Where does Kaspersky Security Center store events of the computers that
the administrator can see in the reports?

In text event logs

In the Windows Event Log
In an SQL/MySQL database
In Kaspersky Security Network

Question 49
What happens when the extended KSN mode is enabled?

When the extended KSN mode is enabled, Kaspersky Security Center switches to the KSN
Proxy mode and starts caching all requests sent to the KSN cloud
When the extended KSN mode is enabled, extended statistical information is sent to the KSN
cloud; executable and non-executable files or their parts can also be sent
When the extended KSN mode is enabled, Kaspersky Security Center establishes a persistent
communication channel to the KSN cloud and caches part of the information from the KSN cloud on
the local drive

Question 50
Which removable drive access operations can Device Control allow or
block in Kaspersky Endpoint Security 11 for Windows?

Read
Execute
Modify
Delete
Device Control cannot block specific removable drive access operations