Deep-Security-Professional Practice Exam Questions and Answers

A.  

Integrity scans

B.  

Port scans

C.  

Application traffic control

D.  

Stateful traffic analysis

A.  

Since this computer is in Maintenance Mode, updates to the Application Control Pro-tection Module will be applied.

B.  

Since this computer is in Maintenance Mode, new or changed software will be auto-matically added to the list of Allowed software in the currently active ruleset.

C.  

Since this computer is in Maintenance Mode, Application Control will allow any Blocked software to temporarily run

D.  

Since this computer is in Maintenance Mode, Application Control will ignore any Blocked software in the currently active ruleset.

A.  

Generate a Chargeback report in Deep Security manager Web console.

B.  

All the choices listed here are valid.

C.  

Use the Representational State Transfer (REST) API to collect usage data from the tenants.

D.  

Monitor usage by the tenants from the Statistics tab in the tenant Properties window.

A.  

The Netweaver plug-in must be installed on the Deep Security Agent.

B.  

A Smart Protection Server must be installed and configured to service the SAP Netweaver platform

C.  

No extra components are required, this can be done by enabling the AntiMalware Pro-tection Module on the SAP Netweaver server.

D.  

Deep Security Scanner is required.

A.  

Install a Smart Protection Server in the environment and set it as the source for File Reputation information.

B.  

Smart Scan must contact the Smart Protection Network to function. Any servers without Internet access will be unable to use Smart Scan.

C.  

Promote one of the Deep Security Agents on the air gapped computers to become a Re-lay.

D.  

Smart Scan can be configured to use a local pattern file containing the same information as the Smart Protection Network.

A.  

Any servers discovered in the selected Active Directory branch hosting a Deep Security Agent will be added to the Computers list.

B.  

Any servers within the IP address range hosting a Deep Security Agent will be added to the Computers list.

C.  

Any servers within the IP address range that are hosting Deep Security Agents will be added to the Computers list and will be automatically activated.

D.  

Any servers within the IP address range will be added to the Computers list, regardless of whether they are hosting a Deep Security Agent or not.

A.  

Checks the cache. 2. Checks the Deny list. 3. Checks the Approved list. 4. If not found in any of the above, retrieves the credibility score from Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

B.  

Checks the cache. 2. Checks the Approved list. 3. Checks the Deny list. 4. If not found in any of the above, retrieves the credibility score from the Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

C.  

Checks the Deny list. 2. Checks the Approved list. 3. Checks the cache. 4. If not found in any of the above, retrieves the credibility score from Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

D.  

Checks the Approved list. 2. Checks the Deny list. 3. Checks the cache. 4. If not found in any of the above, retrieves the credibility score from the Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

A.  

The Integrity Monitoring Protection Module

B.  

The File Inspection Protection Module

C.  

Deep Security can not provide this type of functionality

D.  

The Intrusion Prevention Protection Module

A.  

Force Allow permits traffic that would otherwise be denied by other Firewall rules to pass, but still enforces filtering by the Intrusion Prevention Protection Module.

B.  

Force Allow permits traffic to bypass analysis by both the Firewall and Intrusion Pre-vention Protection Modules.

C.  

Force Allow explicitly allows traffic that matches the Firewall rule to pass, and implicitly denies all other traffic.

D.  

Force Allow permits traffic to bypass analysis by all Deep Security Protection Modules.

A.  

All traffic is permitted through the firewall until either a Deny or Allow rule is assigned.

B.  

A collection of default rules will automatically be assigned when the Firewall Protection Module is enabled.

C.  

All traffic is blocked by the firewall until an Allow rule is assigned.

D.  

All traffic is passed through the Firewall using a Bypass rule

A.  

With the highlighted setting enabled, Deep Security Agents will scan files for known viruses and malware using patterns and any files deemed suspicious will be submitted to a configured Deep Discovery Analyzer for further analysis.

B.  

With the highlighted setting enabled, Deep Security Agents will scan files for viruses and malware using supplementary aggressive detection pattern files.

C.  

With the highlighted setting enabled, Deep Security Agents will scan files for unknown malware using Predictive Machine Learning.

D.  

With the highlighted setting enabled, Deep Security Agents will scan files for known malware as well as newly encounted malware by accessing the Suspicious Objects List.

A.  

The Integrity Monitoring Protection Module monitors traffic to verify the integrity of incoming traffic to identify protocol deviations, packets fragments and other protocol anomalies.

B.  

The Integrity Monitoring Protection Module monitors critical operating system objects such as services, processes, registry keys and ports to detect and report malicious or unexpected changes.

C.  

The Integrity Monitoring Protection Module monitors incoming traffic to confirm the integrity of header information including packet source and destination details.

D.  

The Integrity Monitoring Protection Module monitors and analyzes the integrity of application logs to identify tampering, corruption and other suspicious modifications to the logs.