Trend Micro Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Exam Practice Test

The Integrity Monitoring Protection Module

The File Inspection Protection Module

Deep Security can not provide this type of functionality

The Intrusion Prevention Protection Module

This file is used to transfer policy settings from one installation of Deep Security Man-ager to another

This file allows properties to be tested on Deep Security Manager without affecting the original configuration.

This file contains the original out-of-the-box configuration properties for Deep Security Manager. This file is renamed to dsm.properties upon initialization of Deep Security Manager.

This file allows Deep Security Agents to override enforced behavior by providing new policy configuration details.

The Anti-Malware and Web Reputation Protection Modules can make use of the locally installed Smart Protection Server.

All Protection Modules can make use of the locally installed Smart Protection Server

Anti-Malware is the only Protection Modules that can use the locally installed Smart Protection Server.

The Anti-Malware, Web Reputation and Intrusion Prevention Protection Modules can make use of the locally installed Smart Protection Server.

Once the inventory scan has run when Application Control is first enabled, there is no way to update the inventory to incorporate modified software.

Software updates performed by a Trusted Updater will be automatically approved.

Edit the inventory database file (AC.db) on the Agent computer to include the hash of the newly updated software. Save the change and restart the Deep Security Agent. The software updates will now be approved.

Maintenance mode can be enabled while completing the updates.

Applying a Firewall rule using the Bypass action to traffic in one direction automatically applies the same action to traffic in the other direction.

Firewall rules using the Bypass action do not generate log events.

Firewall rules using the Bypass action allow incoming traffic to skip both Firewall and Intrusion Prevention analysis.

Firewall rules using the Bypass action can be optimized, allowing traffic to flow as effi-ciently as if a Deep Security Agent was not there.

A Reset operation generates Event information that can be used to troubleshoot Agent-to -Manager communication issues.

A Reset operation forces an update to the Deep Security Agent software installed on a managed computer.

A Reset operation forces the Deep Security Agent service to restart on the managed computer.

A Reset operation wipes out any Deep Security Agent settings, including its relationship with Deep Security Manager.

The incorrect port was used. The correct command would be: dsa_control -a dsm://server1.acme.com:4118

Deep Security Agents can not be activated through the Command Prompt. They must be activated through the Deep Security Manager Web console or through a deployment script.

The command listed can only executed from the Command Prompt on the Deep Security Manager computer.

"Allow Agent-Initiated Activation" is currently not enabled in Deep Security Manager.

Both 32-bit and 64-bit Deep Security Agents can be promoted to a Deep Security Relay.

Deep Security Agents promoted to Deep Security Relays no longer provide the security capabilities enabled by the Protection Modules.

Deep Security Relays are able to process Deep Security Agent requests during updates.

Deep Security Agents communicate with Deep Security Relays to obtain security up-dates.

Changes to any of the Deep Security policies will be send to the Deep Security Agents as soon as the changes are saved.

Administrators with access to the protected Server will be able to uninstall the Deep Security Agent through Windows Control Panel.

Deep Security Agents will send event information to Deep Security Manager every 10 minutes.

If the Deep Security Manager does not receive a message from the Deep Security agent every 20 minutes, an alert will be raised.

Enable "File Types scanned by IntelliScan" in the Malware Scan Configuration prop-erties in the Deep Security Manager Web console. Click "Scan All Except" and type the filename to exclude from the scan.

Edit the "Scan Exclusions" section of the dsa.properties configuration file on the Deep Security Agent computer to include the file name. Save the configuration file and restart the Deep Security Agent service.

Add the file to the Exclusions list in the Malware Scan Configuration.

Add the file to the Exclusions list in the "Allowed Spyware/Grayware Configuration".

Force Allow permits traffic that would otherwise be denied by other Firewall rules to pass, but still enforces filtering by the Intrusion Prevention Protection Module.

Force Allow permits traffic to bypass analysis by both the Firewall and Intrusion Pre-vention Protection Modules.

Force Allow explicitly allows traffic that matches the Firewall rule to pass, and implicitly denies all other traffic.

Force Allow permits traffic to bypass analysis by all Deep Security Protection Modules.

Apex Central distributes Deep Security policies to Agents on the protected Servers.

Apex Central submits suspicious files to Deep Discovery Analyzer for further analysis.

Apex Central stores suspicious files that are awaiting submission to the Deep Discovery Analyzer.

Apex Central compiles the Suspicious Objects List based on the result of file analysis in Deep Discovery Analyzer.