Deep-Security-Professional Exam Dumps - Trend Micro Deep Security Questions and Answers

This file is used to transfer policy settings from one installation of Deep Security Man-ager to another

This file allows properties to be tested on Deep Security Manager without affecting the original configuration.

This file contains the original out-of-the-box configuration properties for Deep Security Manager. This file is renamed to dsm.properties upon initialization of Deep Security Manager.

This file allows Deep Security Agents to override enforced behavior by providing new policy configuration details.

Machine Learning is malware detection technique in which features of an executable file are compared against a cloud-based learning model to determine the probability of the file being malware.

Machine Learning is a malware detection technique in which files are scanned based on the true file type as determined by the file content, not the extension.

Machine Learning is a malware detection technique in which the Deep Security Agent monitors process memory in real time and once a process is deemed to be suspicious, Deep Security will perform additional checks with the Smart Protection Network to determine if this is a known good process.

Machine Learning is malware detection technique in which processes on the protected computer are monitored for actions that are not typically performed by a given process.

The Application Control Protection Module has been disabled at the Base Policy level and is not displayed in the details for child policies.

The Application Control Protection Module is only supported on Linux computers, the policy details displayed are for Windows computers only.

An Activation Code for the Application Control Protection Module has not been pro-vided. Unlicensed Protection Modules will not be displayed.

The Application Control Protection Modules has not been enabled for this tenant.

Since this computer is in Maintenance Mode, updates to the Application Control Pro-tection Module will be applied.

Since this computer is in Maintenance Mode, new or changed software will be auto-matically added to the list of Allowed software in the currently active ruleset.

Since this computer is in Maintenance Mode, Application Control will allow any Blocked software to temporarily run

Since this computer is in Maintenance Mode, Application Control will ignore any Blocked software in the currently active ruleset.

IntelliScan is a method of identifying which files are subject to malware scanning as determined from the file content. It uses the file header to verify the true file type.

IntelliScan is a mechanism that improves scanning performance. It recognizes files that have already been scanned based on a digital fingerprint of the file.

IntelliScan reduces the risk of viruses entering your network by blocking real-time compressed executable files and pairs them with other characteristics to improve mal-ware catch rates.

IntelliScan is a malware scanning method that monitors process memory in real time. It can identify known malicious processes and terminate them.

Changes to any of the Deep Security policies will be send to the Deep Security Agents as soon as the changes are saved.

Administrators with access to the protected Server will be able to uninstall the Deep Security Agent through Windows Control Panel.

Deep Security Agents will send event information to Deep Security Manager every 10 minutes.

If the Deep Security Manager does not receive a message from the Deep Security agent every 20 minutes, an alert will be raised.

The administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Integrity Monitoring Protection Module. A rule can be assigned to monitor the Windows SQL Server for any modifications to the server, with Alerts enabled.

The administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Log Inspection Protection Module. A rule can be assigned to monitor the Windows SQL Server for any critical events, with Alerts enabled.

The administrator could install a Deep Security Agent on the server hosting the Win-dows Server 2016 database and enable the Intrusion Prevention Protection Module. A Recommendation Scan can be run and any suggested rule can be assigned to monitor the Windows SQL Server for any vulnerabilities, with Alerts enabled.

This can not be achieved using Deep Security. Instead, the administrator could set up log forwarding within Window SQL Server 2016 and the administrator could monitor the logs within the syslog device.

With the highlighted setting enabled, Deep Security Agents will scan files for known viruses and malware using patterns and any files deemed suspicious will be submitted to a configured Deep Discovery Analyzer for further analysis.

With the highlighted setting enabled, Deep Security Agents will scan files for viruses and malware using supplementary aggressive detection pattern files.

With the highlighted setting enabled, Deep Security Agents will scan files for unknown malware using Predictive Machine Learning.

With the highlighted setting enabled, Deep Security Agents will scan files for known malware as well as newly encounted malware by accessing the Suspicious Objects List.

The READ ME file provided with the software patch will indicate which issues were addressed with this release. Compare this list to the rules that are applied to determine which rules are no longer needed and can be disabled.

Since the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be automatically unassigned. These are rules that are no longer needed as the vulnerability was corrected with the patch.

Since there is no performance effect when multiple Intrusion Prevention rules are ap-plied, there is no need to determine which rules are no longer needed. The original rec-ommended rules can remain in place without affecting the system.

Since the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be displayed on the Recommended for Unassignment tab in the IPS Rules. These are rules that are no longer needed and can be disabled as the vulnerability was corrected with the patch.

Firewall Rules applied to Policy supersede similar rules applied to individuals computers.

When traffic is intercepted by the network filter, Firewall Rules in the policy are always applied before any other processing is done.

Firewall Rules applied through a parent-level Policy cannot be unassigned in a child-level policy.

Firewall Rules are always processed in the order in which they appear in the rule list, as displayed in the Deep Security manager Web console.