Deep-Security-Professional Dumps To Pass Deep Security Exam in One Day (Updated 82 Questions) [Q34-Q49]

Deep-Security-Professional Exam Brain Dumps - Study Notes and Theory


The Trend Micro Certified Professional for Deep Security exam covers a variety of topics related to the Deep Security product, including installation, configuration, and management of the product. It also covers topics related to the security features of the product, such as intrusion prevention, anti-malware, and virtual patching. The Deep-Security-Professional exam is designed to test an individual's knowledge of these topics and their ability to apply that knowledge in real-world scenarios.

 

NEW QUESTION # 34
Which of the following statements is false regarding the Log Inspection Protection Module?

  • A. The Log Inspection Protection Module is supported in both agent-based and agentless environments.
  • B. Deep Security Manager collects Log Inspection Events from Deep Security Agents at every heartbeat.
  • C. Custom Log Inspection rules can be created using the Open Source Security (OSSEC) standard.
  • D. Scan for Recommendations identifies Log Inspection rules that Deep Security should implement.

Answer: A

Explanation:
Log Inspection requires running some analysis on the computer and is not supported in Agentless deployments.
Reference: Study Guide, page 310


NEW QUESTION # 35
Which of the following is NOT an operation that can be performed on Deep Security resources using the API?

  • A. GET
  • B. VIEW
  • C. PUT
  • D. POST

Answer: B

Explanation:
REST API


NEW QUESTION # 36
Which of the following Protection Modules does not benefit from Recommendation Scans?

  • A. Firewall
  • B. Integrity Monitoring
  • C. Intrusion Prevention
  • D. Log Inspection

Answer: A


NEW QUESTION # 37
Which of the following operations makes use of the Intrusion Prevention Protection Module?

  • A. Application traffic control
  • B. Integrity scans
  • C. Port scans
  • D. Stateful traffic analysis

Answer: D


NEW QUESTION # 38
The Security Level for Web Reputation in a policy is set to High. A server assigned this policy attempts to access a Web site with a credibility score of 78.
What is the result?

  • A. The Deep Security Agent allows access to the Web site, and logs the connection attempt as an Event.
  • B. The Deep Security Agent blocks access as the credibility score for the Web site is below the allowed threshold. An error page is displayed in the Web browser.
  • C. The Deep Security Agent allows access as the credibility score for the Web site is above the allowed threshold.
  • D. The Deep Security Agent displays a warning message as the site is unrated.

Answer: B


NEW QUESTION # 39
Which of the following statements is FALSE regarding Firewall rules using the Bypass action?

  • A. Firewall rules using the Bypass action can be optimized, allowing traffic to flow as efficiently as if a Deep Security Agent was not there.
  • B. Firewall rules using the Bypass action allow incoming traffic to skip both Firewall and Intrusion Prevention analysis.
  • C. Applying a Firewall rule using the Bypass action to traffic in one direction automatically applies the same action to traffic in the other direction.
  • D. Firewall rules using the Bypass action do not generate log events.

Answer: C

Explanation:
The Bypass action is directional; it does not automatically apply to both directions. If you wish to bypass both directions, you must create separate rules for each. Options B, C, and D are true: bypass skips firewall and IPS analysis, does not log events, and optimizes traffic flow.
Reference:
Trend Micro Deep Security Administrator's Guide, Firewall Bypass Action Section


NEW QUESTION # 40
Which of the following file types would not be evaluated by the Application Control Protection Module?

  • A. .docx files
  • B. .py scripts
  • C. .class files
  • D. .exe files

Answer: A

Explanation:
Application Control evaluates executable files and scripts that can run as code on the system, such as .exe, .py, and .class files. Document files like .docx are not executed directly as code and are not tracked by Application Control.
Reference:
Trend Micro Deep Security Administrator's Guide, Application Control Supported File Types Section


NEW QUESTION # 41
What is the default priority assigned to Firewall rules using the Allow action?

  • A. Firewall rules using the Allow action always have a priority of 4.
  • B. Firewall rules using the Allow action can be assigned a priority between 0 and 4.
  • C. Firewall rules using the Allow action always have a priority of 0.
  • D. Firewall rules using the Allow action can be assigned a priority between 1 and 3.

Answer: B

Explanation:
Firewall rules in Deep Security can be assigned a priority value between 0 (lowest) and 4 (highest), regardless of whether the action is Allow or Deny. The priority determines the order in which rules are evaluated.
Reference:
Trend Micro Deep Security Administrator's Guide, Firewall Rules and Priorities Section


NEW QUESTION # 42
Which of the following statements is true regarding software inventories used as part of the Application Control Protection Module?

  • A. An administrator can view the list of allowed software in the inventory from the Details tab for each individual Computer.
  • B. Disable the Application Control Protection Module when installing software upgrades, otherwise, the new software will be prevented from installing.
  • C. An administrator can share the inventory of allowed software with other computers protected by Deep Security Agents, by copying the inventory database file (ac.db) from the source computer.
  • D. When an administrator allows software that would be otherwise blocked by the Enforcement Mode, it isn't added to the inventory of approved software. Instead, it is added to that computer's whitelist.

Answer: A

Explanation:
The software inventory for Application Control is visible in the Deep Security Manager console under the Details tab for each protected computer. This inventory lists all approved and detected software components for that agent.
From the official documentation:
"Administrators can view and manage the Application Control inventory for each computer from the Details tab in the Deep Security Manager console. This inventory lists all allowed, blocked, and detected software."
Option A is incorrect: You do not need to disable the module for upgrades; use Maintenance Mode or update rules.
Option C is incorrect: Inventory is not shared by copying database files.
Option D is incorrect: Allowed software is added to the inventory.
References:
Trend Micro Deep Security Application Control Guide: Inventory Management
Deep Security Help: Application Control Details Tab


NEW QUESTION # 43
The details for an event are displayed in the exhibit. Based on these details, which Protection Module generated the event?

  • A. Firewall
  • B. Integrity Monitoring
  • C. Application Control
  • D. Intrusion Prevention

Answer: D


NEW QUESTION # 44
The Intrusion Prevention Protection Module is enabled, but the traffic it is trying to analyze is encrypted through https. How is it possible for the Intrusion Prevention Protection Module to monitor this encrypted traffic against the assigned rules?

  • A. The Intrusion Prevention Protection Module is not able to analyze encrypted https traffic.
  • B. The Intrusion Prevention Protection Module can only analyze https traffic originating from other servers hosting a Deep Security Agent.
  • C. The Intrusion Prevention Protection Module can analyze https traffic if the public certificate of the originating server is imported into the certificate store on the Deep Security Agent computer.
  • D. It is possible to monitor the https traffic by creating an SSL Configuration. Creating a new SSL Configuration will make the key information needed to decrypt the traffic available to the Deep Security Agent.

Answer: D

Explanation:
intrusion-prevention-ssl-traffic


NEW QUESTION # 45
Multi-tenancy is enabled in Deep Security and new tenants are created. Where does the new tenant data get stored when using SQL Server as the Deep Security database?

  • A. The new tenant data is added to the existing SQL Server database.
  • B. An additional database is created in SQL Server for each new tenant to store its data.
  • C. An additional table is created for each new tenant in the existing database in the SQL Server database to store its data.
  • D. An additional user is created for each new tenant in the SQL Server database to store its data.

Answer: B

Explanation:
When using SQL Server as the backend for Trend Micro Deep Security with multi-tenancy enabled, each new tenant is assigned its own separate database. This ensures logical isolation and easier management.
From the official documentation:
"If you are using Microsoft SQL Server as the database platform, a new database is created for each tenant that you add."
Option C is correct.
Options A, B, and D are incorrect per the official multi-tenancy architecture.
References:
Trend Micro Deep Security Administrator's Guide: Multi-Tenancy Database Architecture
Trend Micro Knowledge Base: Multi-tenancy with SQL Server


NEW QUESTION # 46
Which of the following operations makes use of the Intrusion Prevention Protection Module?

  • A. Application traffic control
  • B. Integrity scans
  • C. Port scans
  • D. Stateful traffic analysis

Answer: D

Explanation:
The Intrusion Prevention (IPS) module performs stateful traffic analysis to detect and block exploit attempts and malicious activity in network traffic, tracking the state of network connections and analyzing packet sequences to identify threats.
From the official documentation:
"The Intrusion Prevention module analyzes network traffic using deep packet inspection and stateful traffic analysis to block known and unknown threats, including vulnerability exploits."
Option D is correct.
Option A is handled by Integrity Monitoring.
Option B (port scanning) is a network reconnaissance activity and may be detected but is not a core operation of IPS.
Option C (application traffic control) is typically managed by Firewall, not IPS.
References:
Trend Micro Deep Security 20 LTS Administrator's Guide: Intrusion Prevention Module
Trend Micro Deep Security Online Help: How IPS Works


NEW QUESTION # 47
The details for an event are displayed in the exhibit. Based on these details, which Protection Module generated the event?

  • A. Firewall
  • B. Integrity Monitoring
  • C. Application Control
  • D. Intrusion Prevention

Answer: D

Explanation:
The event shows a "Reason" that references a specific rule (1000847 - OpenLDAP LDAP Server BIND Request DoS), an "Action" of "Reset," and the event origin as "Agent." This format is specific to the Intrusion Prevention module, which detects and responds to network exploits using assigned rules and provides detailed event logs including signature ID, action taken, and protocol information. The other modules do not use signature IDs or these response actions.
Reference:
Trend Micro Deep Security Administrator's Guide, Intrusion Prevention Events Section


NEW QUESTION # 48
Which of the following correctly identifies the order of the steps used by the Web Reputation Protection Module to determine if access to a web site should be allowed?

  • A. 1. Checks the cache. 2. Checks the Deny list. 3. Checks the Approved list. 4. If not found in any of the above, retrieves the credibility score from Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.
  • B. 1. Checks the Deny list. 2. Checks the Approved list. 3. Checks the cache. 4. If not found in any of the above, retrieves the credibility score from Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.
  • C. 1. Checks the cache. 2. Checks the Approved list. 3. Checks the Deny list. 4. If not found in any of the above, retrieves the credibility score from the Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.
  • D. 1. Checks the Approved list. 2. Checks the Deny list. 3. Checks the cache. 4. If not found in any of the above, retrieves the credibility score from the Rating Server. 5. Evaluates the credibility score against the Security Level to determine if access to the web site should be allowed.

Answer: D


NEW QUESTION # 49
......
