Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Questions and Answers

Deny

Bypass

Allow

Force Allow

Generate a Chargeback report in Deep Security manager Web console.

All the choices listed here are valid.

Use the Representational State Transfer (REST) API to collect usage data from the tenants.

Monitor usage by the tenants from the Statistics tab in the tenant Properties window.

Disable the Application Control Protection Module when installing software upgrades, otherwise, the new software will be prevented from installing.

An administrator can view the list of allowed of software in the inventory from the De-tails tab for each individual Computer.

An administrator can share the inventory of allowed software with other computers protected by Deep Security Agents, by copying the inventory database file (ac.db) from the source computer.

When an administrator allows software that would be otherwise blocked by the En-forcement Mode, it isn't added to the inventory of approved software. Instead, it is added to that computer's white list.

Analyze the packet within the context of traffic history and connection state.

Compare the data in the packet against the Anti-Malware Scan Configuration to verify whether any of the data related to files and folders on the Exclusion list.

Verify the integrity of the packet to insure the packet is suitable for analysis.

Verify the packet is not part of a reconnaissance scan used to discover weaknesses on the Deep Security Agent host computer.

The Deep Security Notifier is a application in the Windows System Tray that displays the Status of Deep Security Manager during policy and software updates.

The Deep Security Notifier is a server components that collects log entries from man-aged computers for delivery to a configured SIEM device.

The Deep Security Notifier is a server component used in agentless configurations to allow Deep Security Manager to notify managed computers of pending updates.

The Deep Security Notifier is a application in the Windows System Tray that com-municates the state of Deep Security Agents and Relays to endpoint computers.

Deep Security Relays distribute load to the Deep Security Manager nodes in a high-availability implementation.

Deep Security Relays forward policy details to Deep Security Agents and Virtual Ap-pliances immediately after changes to the policy are applied.

Deep Security Relays maintain the caches of policies applied to Deep Security Agents on protected computers to improve performance.

Deep Security Relays are responsible for retrieving security and software updates and distributing them to Deep Security Manager, Agents and Virtual Appliances.

Applying a Firewall rule using the Bypass action to traffic in one direction automatically applies the same action to traffic in the other direction.

Firewall rules using the Bypass action do not generate log events.

Firewall rules using the Bypass action allow incoming traffic to skip both Firewall and Intrusion Prevention analysis.

Firewall rules using the Bypass action can be optimized, allowing traffic to flow as effi-ciently as if a Deep Security Agent was not there.

Intrusion Prevention protection can drop malicious packets but cannot reset the con-nection.

Intrusion Prevention protection only works in conjunction with the Anti-Malware Pro-tection Module.

Intrusion Prevention protection can only work on computers where a Deep Security Agent is installed; agentless protection is not supported.

Intrusion Prevention protection can drop or reset a connection.

Smart Folders identify the folders that will be scanned when a Real-Time, Manual or Scheduled malware scan is run.

Smart Folders are a collection of subfolders containing the policy settings that are ap-plied to child policies or directly to Computers.

Smart Folders act as a saved search of computers which is executed each time the folder is clicked to display its contents.

Smart Folders are the containers used to store the results of Recommendation Scans. Once a Recommendation Scan has completed, and administrator can click a Smart Folder and select which of the recommended rules to apply.