Question No. 1

Multiple Application Control Events are being displayed in Deep Security after a series of ap-plication updates and the administrator would like to reset Application Control. How can this be done?

AOn the Deep Security Agent computer, type the following command to reset Application Control: dsa_control -r

BClick 'Clear All' on the Actions tab in the Deep Security Manager Web console to reset the list of Application Control events.

CApplication Control can be reset by disabling the Protection Module, then enabling it once again. This will cause local rulesets to be rebuilt.

DApplication Control can not be reset.

Show Answer

Correct Answer: C

Question No. 2

The Firewall Protection Module is enabled on a server through the computer details. What is default behavior of the Firewall if no rules are yet applied?

AAll traffic is permitted through the firewall until either a Deny or Allow rule is assigned.

BA collection of default rules will automatically be assigned when the Firewall Protection Module is enabled.

CAll traffic is blocked by the firewall until an Allow rule is assigned.

DAll traffic is passed through the Firewall using a Bypass rule

Show Answer

Correct Answer: B

Deep Security provides a set of Firewall rules that can be applied to policies or directly to a com-puter.

These default rules provide coverage for typical scenarios.

Set up the Deep Security firewall

Explication: Study Guide - page (219)

Question No. 3

The details of a policy are displayed in the exhibit. Based on these details, which of the following statements is true?

AThe credibility scores for visited web sites will be cached. If access to the web site is re-quested again within 30 minutes, its credibility score will be retrieved from the cache instead of the configured Smart Protection source.

BPackets failing the Network Packet Sanity Check will still be allowed to pass through the network engine.

CAny events generated by computers within your corporate network, as defined by an IP address range, will be ignored

DLive packet streams coming through the network engine will be replicated and all traffic analysis will be performed on the replicated stream

Show Answer

Correct Answer: A

Question No. 4

The Intrusion Prevention Protection Module is enabled, but the traffic it is trying to analyze is encrypted through https. How is it possible for the Intrusion Prevention Protection Module to monitor this encrypted traffic against the assigned rules?

AIt is possible to monitor the https traffic by creating an SSL Configuration. Creating a new SSL Configuration will make the key information needed to decrypt the traffic available to the Deep Security Agent.

BThe Intrusion Prevention Protection Module is not able to analyze encrypted https traffic.

CThe Intrusion Prevention Protection Module can only analyze https traffic originating from other servers hosting a Deep Security Agent.

DThe Intrusion Prevention Protection Module can analyze https traffic if the public cer-tificate of the originating server is imported into the certificate store on the Deep Secu-rity Agent computer.

Show Answer

Correct Answer: A

inrusion-prevention-ssl-traffic

Question No. 5

Which of following statements best describes Machine Learning in Deep Security?

AMachine Learning is malware detection technique in which features of an executable file are compared against a cloud-based learning model to determine the probability of the file being malware.

BMachine Learning is a malware detection technique in which files are scanned based on the true file type as determined by the file content, not the extension.

CMachine Learning is a malware detection technique in which the Deep Security Agent monitors process memory in real time and once a process is deemed to be suspicious, Deep Security will perform additional checks with the Smart Protection Network to determine if this is a known good process.

DMachine Learning is malware detection technique in which processes on the protected computer are monitored for actions that are not typically performed by a given process.

Show Answer

Correct Answer: A

Predictive Machine Learning

Free Trend Deep-Security-Professional Exam Actual Questions

The questions for Deep-Security-Professional were last updated On May 4, 2024