Trend Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Exam Practice Test Questions

• Question 1

  How is scan caching used in agentless implementations of Deep Security?

  • Scan caching maintains the Inclusions and Exclusions lists from the Malware Scan Configuration in memory to improve performance.
  • Scan caching manages resource usage by staggering the launch of malware scans to prevent scan storms
  • Scan caching is used in Agent-based installations only and is not supported in an agentless implementation.
  • Scan caching enhances the performance of the Deep Security Virtual Appliance in that files scanned for malware on a virtual machine that appear on other virtual machines may not need to be scanned again.

  Show Answer Answer: D Next

• Question 2

  Which Deep Security Protection Modules can be used to provide runtime protection for the Kubernetes and Docker platforms? Select all that apply.

  • Intrusion Prevention
  • Log Inspection
  • Integrity Monitoring
  • Anti-Malware

  Show Answer Answer: A, B, C Next

• Question 3

  Which of following statements best describes Machine Learning in Deep Security?

  • Machine Learning is malware detection technique in which features of an executable file are compared against a cloud-based learning model to determine the probability of the file being malware.
  • Machine Learning is a malware detection technique in which files are scanned based on the true file type as determined by the file content, not the extension.
  • Machine Learning is a malware detection technique in which the Deep Security Agent monitors process memory in real time and once a process is deemed to be suspicious, Deep Security will perform additional checks with the Smart Protection Network to determine if this is a known good process.
  • Machine Learning is malware detection technique in which processes on the protected computer are monitored for actions that are not typically performed by a given process.

  Show Answer Answer: A Next

• Question 4

  Which of the following statements is false regarding Firewall rules using the Bypass action?

  • Applying a Firewall rule using the Bypass action to traffic in one direction automatically applies the same action to traffic in the other direction.
  • Firewall rules using the Bypass action do not generate log events.
  • Firewall rules using the Bypass action allow incoming traffic to skip both Firewall and Intrusion Prevention analysis.
  • Firewall rules using the Bypass action can be optimized, allowing traffic to flow as effi-ciently as if a Deep Security Agent was not there.

  Show Answer Answer: A Next

• Question 5

  Which Protection Modules can make use of a locally installed Smart Protection Server?

  • The Anti-Malware and Web Reputation Protection Modules can make use of the locally installed Smart Protection Server.
  • All Protection Modules can make use of the locally installed Smart Protection Server
  • Anti-Malware is the only Protection Modules that can use the locally installed Smart Protection Server.
  • The Anti-Malware, Web Reputation and Intrusion Prevention Protection Modules can make use of the locally installed Smart Protection Server.

  Show Answer Answer: A Next