Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Questions and Answers

Without NSX, a Deep Security Agent must be installed on each virtual machine hosted on the ESXi server.

Without NSX, you will be unable to use Deep Security to protect your virtual machines.

You can install a Deep Security Virtual Appliance on the ESXi server. This will provide agentless support for Anti-Malware, Intrusion Prevention, Integrity Monitoring, Firewall and Web Reputation.

Without NSX, you can only enable Anti-Malware and Integrity Monitoring protection on the virtual machines. NSX is required to support Intrusion Prevention, Firewall and Web Reputation

In the logging.properties file

In the dsm.properties file

In the Windows Registry

In the database.properties file

Smart Scan improves the capture rate for malware scanning by sending features of suspicious files to an cloud-based server where the features are compared to known malware samples.

Smart Scan shifts much of the malware scanning functionality to an external Smart Protection Server.

Smart Scan is performed in real time, where conventional scanning must be triggered manually, or run on a schedule.

Smart Scan identifies files to be scanned based on the content of the file, not the exten-sion.

The administrator could check the Multi-Tenancy log file for resource consumption details.

The administrator could generate a Tenant report from within the Deep Security Manager Web console.

The administrator will not be able retrieve this information without licensing and ena-bling the Multi-Tenancy Chargeback module in the Deep Security Manager Web con-sole.

The administrator downloads the Tenant usage details from the Deep Security Agent on the Tenant computer.

The Netweaver plug-in must be installed on the Deep Security Agent.

A Smart Protection Server must be installed and configured to service the SAP Netweaver platform

No extra components are required, this can be done by enabling the AntiMalware Pro-tection Module on the SAP Netweaver server.

Deep Security Scanner is required.

The incorrect port was used. The correct command would be: dsa_control -a dsm://server1.acme.com:4118

Deep Security Agents can not be activated through the Command Prompt. They must be activated through the Deep Security Manager Web console or through a deployment script.

The command listed can only executed from the Command Prompt on the Deep Security Manager computer.

"Allow Agent-Initiated Activation" is currently not enabled in Deep Security Manager.

The rules displayed in the exhibit have been hard-coded with the details of the policy. These rules will automatically be assigned to all Firewall policies that are created and can not be unassigned.

The rules displayed in the exhibit have been assigned to the policy at the parent level. Rules assigned to a parent policy can not be unassigned at the child level.

The rules displayed in the exhibit were assigned to the policy automatically when a Recommendation Scan was run. Rules assigned through a Recommendation Scan can not be disabled once assigned.

The rules displayed in the exhibit can not be unassigned as the administrator currently logged into the Deep Security Manager Web console does not have the permissions necessary to unassign rules.

Enable "File Types scanned by IntelliScan" in the Malware Scan Configuration prop-erties in the Deep Security Manager Web console. Click "Scan All Except" and type the filename to exclude from the scan.

Edit the "Scan Exclusions" section of the dsa.properties configuration file on the Deep Security Agent computer to include the file name. Save the configuration file and restart the Deep Security Agent service.

Add the file to the Exclusions list in the Malware Scan Configuration.

Add the file to the Exclusions list in the "Allowed Spyware/Grayware Configuration".

Force Allow permits traffic that would otherwise be denied by other Firewall rules to pass, but still enforces filtering by the Intrusion Prevention Protection Module.

Force Allow permits traffic to bypass analysis by both the Firewall and Intrusion Pre-vention Protection Modules.

Force Allow explicitly allows traffic that matches the Firewall rule to pass, and implicitly denies all other traffic.

Force Allow permits traffic to bypass analysis by all Deep Security Protection Modules.