Professional Documents
Culture Documents
Trend Micro
Trend Micro
a. Yes
b. No
2. Which of the following updates can directly be downloaded from the Deep
Security Relay? Select all that apply.
a. Policy Updates
b. Software Updates
c. Pattern Updates
d. Rule Updates
3. Which status of an agent describes that the agent will not receive any
software, security or policy updates until communication with the Deep Security
Manager
is restored?
a. Offline
b. Default (On/Off)
c. Online
d. Inherited (On/Off)
7. What is the heartbeat listen port number for Deep Security Manager (On-
premise)?
a. 4122
b. 443
c. 4119
d. 4120
8. Applying a Firewall rule using the Bypass action to traffic in one direction
automatically applies the same action to traffic in the other direction.
a. TRUE
b. FALSE
10. When you install patches, upgrade software, or deploy web applications,
application control will detect them. Depending on your setting for
how to handle unrecognized software, this could block that software until
you use the Actions tab to create allow rules.
For mission-critical software, this service interruption may not be
acceptable.
What is the best approach to overcome this situation without causing any
downtime or disruption to the critical applications?
11. What is the maximum throughput supported by Cloud One Network Security
without requiring to scale the instances?
a. 1 Tbps
b. 10 Gbps
c. 1 Gbps
d. 5 Gbps
12. Which queries are initiated by Smart Protection Server to Smart Protection
Network?
a. Updates
b. Web Reputation
c. File Reputation
d. Suspicious Objects
13. System Security by Deep Security comprises of which of the following modules?
a. Network Security
b. Application Security
c. File Storage Security
d. Container Image Security
15. Changing the setting of Network Engine from inline to tap mode would effect
which of the modules of Deep Security? Select all that apply.
a. Application Control
b. Log Inspection
c. Web Reputation
d. Firewall
e. Integrity Monitoring
f. Intrusion Prevention
18. Windows machine will lose network connectivity for a brief period of time
during the network driver installation
while the Deep Security Agent installs a network driver to examine traffic.
This only happens the first time a policy is applied that includes
one of the following: Select all that apply.
a. Web Reputation
b. Anti-Malware
c. Integrity Monitoring
d. Application Control
e. Intrusion Prevention
a. new baseline should be created whenever new Integrity Monitoring rules are
downloaded from the Trend Micro ActiveUpdate server.
b. A new baseline should be created after applying software patches.
c. Once created, there is no need to create a new Integrity Monitoring baseline.
d. A new baseline should be created whenever changing the Integrity Monitoring
scan interval, for example, changing from real-time to manual scans.
21. The maximum disk space limit for the Identified Files folder is reached. What
is the expected Deep Security Agent behavior in this scenario?
a. Deep Security Agents will delete any files that have been in the folder for
more than 60 days.
b. Deep Security Agents will delete the oldest files in this folder until 20% of
the allocated space is available.
c. Files will no longer be able to be quarantined. Any new files due to be
quarantined will be deleted instead.
d. Any existing files are in the folder are compressed and forwarded to Deep
Security Manager to free up disk space.
23. The Intrusion Prevention Protection Module is enabled, its Behavior is set to
Prevent and rules are assigned. When viewing the events,
you notice that one of Intrusion Prevention rules is being triggered and an
event is being logged but the traffic is not being blocked.
What is a possible reason for this?
a. The default Prevention Behavior in this particular rule may be set to Detect.
This logs the triggering of the rule, but does not actually enforce the block.
b. The Intrusion Prevention rule is being triggered as a result of the packet
sanity check failing and the packet is being allowed to pass.
c. The Deep Security Agent is experiencing a system problem and is not
processing packets since the "Network Engine System Failure" mode is set to "Fail
Open".
d. The network engine is running in Inline mode. In Inline mode, Deep Security
provides no protection beyond a record of events.
24. What is the default priority assigned to Firewall rules using the Allow
action?
26. An organization would like to prevent servers from accessing some specific
web sites, even though their credibility score lists the sites as being safe.
How can this be achieved?
a. Intrusion Prevention
b. Web Reputation
c. Integrity Monitoring
d. Firewall
a. dsm.properties
b. logging.properties
c. configuration.properties
d. override.properties