Deep-Security-Professional Trend Micro Certified Professional for Deep Security Exam Question and Answers

The Deep Security Agent allows access to the Web site, and logs the connection attempt as an Event.

The Deep Security Agent allows access as the credibility score for the Web site is above the allowed threshold.

The Deep Security Agent blocks access as the credibility score for the Web site is below the allowed threshold. An error page is displayed in the Web browser.

The Deep Security Agent displays a warning message as the site is unrated.

Once the inventory scan has run when Application Control is first enabled, there is no way to update the inventory to incorporate modified software.

Software updates performed by a Trusted Updater will be automatically approved.

Edit the inventory database file (AC.db) on the Agent computer to include the hash of the newly updated software. Save the change and restart the Deep Security Agent. The software updates will now be approved.

Maintenance mode can be enabled while completing the updates.

Deep Security Relays distribute load to the Deep Security Manager nodes in a high-availability implementation.

Deep Security Relays forward policy details to Deep Security Agents and Virtual Ap-pliances immediately after changes to the policy are applied.

Deep Security Relays maintain the caches of policies applied to Deep Security Agents on protected computers to improve performance.

Deep Security Relays are responsible for retrieving security and software updates and distributing them to Deep Security Manager, Agents and Virtual Appliances.

The new tenant data is added to the existing SQL Server database.

An additional table is created for each new tenant in the existing database in the SQL Server database to store its data.

An additional database is created in SQL Server for each new tenant to store its data.

An additional user is created for each new tenant in the SQL Server database to store its data.

Integrity Monitoring

Firewall

Web Reputation

Intrusion Prevention

The Firewall Protection Module can check files for certain characteristics such as compression and known exploit code.

The Firewall Protection Module can identify suspicious byte sequences in packets.

The Firewall Protection Module can detect and block Cross Site Scripting and SQL In-jection attacks.

The Firewall Protection Module can prevent DoS attacks coming from multiple systems.

Caching is used by the Web Reputation Protection Module to temporarily store the credibility score for a Web site. The retrieved credibility score is cached in case the score for the Web site is required again for the life of the cache.

Caching is used by the Web Reputation Protection Module to temporarily store the pages that make up the Web site. The Web site is cached in case the site is visited again for the life of the cache.

Caching is used by the Web Reputation Protection Module to keep track of Web sites that are added to the Allowed list. Any sites added to the Allowed list will be accessible by protected servers regardless of their credibility score.

Caching is used by the Web Reputation Protection Module to keep track of Allowed and Blocked Web sites. Any sites that are Allowed or Blocked do not require the retrieval of a credibility score from the Trend Micro Web Reputation Service.

Adding a tag to an Event modifies the Event data by adding fields, including the name of the tag, the date the tag was applied, and whether the tag was applied manually or automatically

Only a single tag can be assigned to an Event.

Events can be tagged automatically if they are similar to known good Events.

Events can be automatically deleted based on tags.

In this example, the state for the Web Reputation Protection Module is inherited from the parent policy, while the other Protection Modules were turned on specifically in this child policy.

The state for a Protection Module is always displayed as "Inherited (On)" until the module components are installed on the Deep Security Agent.

In this example, the state for the Web Reputation Protection Module is inherited from the parent policy, while the other Protection Modules were turned on at the computer level.

In this example, the state for the Web Reputation Protection Module is listed as "In-herited (On)" as it was inherited from the default setting in the Base Policy.