EMT Practice Test

1. Question Content...


Question List

Question1: Based on the policy configuration displayed in the exhibit, which of the following statements is true?

Question2: An administrator attempts to activate the Deep Security Agent installed on a server by typing the following command in the Command Prompt on the Deep Security Agent computer:
dsa_control -a dsm://server1.acme.com:4120
The Agent does not activate as expected. What is a valid reason for this issue?

Question3: Which of the following Protection Modules does not benefit from Recommendation Scans?

Question4: Which of the following correctly describes the Firewall rule Action of Force Allow?

Question5: Which of the following statements regarding the Integrity Monitoring Protection Module is true?

Question6: What is the purpose of the override.properties file?

Question7: Which of the following statements is false regarding the Log Inspection Protection Module?

Question8: Your organization would like to implement a mechanism to alert administrators when files on a protected servers are modified or tampered with. Which Deep Security Protection Module should you enable to provide this functionality?

Question9: Which of the following are valid methods for pre-approving software updates to prevent Ap-plication Control Events from being triggered by the execution of the modified software? Select all that apply.

Question10: Which of the following Firewall rule actions will allow data packets to pass through the Firewall Protection Module without being subjected to analysis by the Intrusion Prevention Protection Module?

Question11: How does Smart Scan vary from conventional pattern-based anti-malware scanning?

Question12: Which Protection Modules can make use of a locally installed Smart Protection Server?

Question13: Which of the following statements correctly identifies the purpose of the Integrity Monitoring Protection Module?

Question14: What is the purpose of the Deep Security Notifier?

Question15: Where does Deep Security Manager store the credentials it uses to access the database?

Question16: Your VMware environment is configured without using NSX. How can Deep Security provide protection to the virtual images hosted on your ESXi servers?

Question17: The details for an event are displayed in the exhibit. Based on these details, which Protection Module generated the event?

Question18: How is scan caching used in agentless implementations of Deep Security?

Question19: Which of the following statements is true regarding Event Tagging?

Question20: Which of the following statements is true regarding Maintenance Mode in the Application Control protection Module?

Question21: What is the role of Apex Central in the Connected Threat Defense infrastructure?

Question22: A Recommendation Scan is run to determine which Intrusion Prevention rules are appropriate for a Server. The scan is configured to apply the suggested rules automatically and ongoing scans are enabled. Some time later, an operating system patch is applied. How can you de-termine which Intrusion Prevention rules are no longer needed on this Server?

Question23: The details of a policy are displayed in the exhibit. Based on these details, which of the following statements is true?

Question24: Which of the following operations makes use of the Intrusion Prevention Protection Module?

Question25: The Intrusion Prevention Protection Module is enabled, but the traffic it is trying to analyze is encrypted through https. How is it possible for the Intrusion Prevention Protection Module to monitor this encrypted traffic against the assigned rules?

Question26: Which of the following file types would not be evaluated by the Application Control Protection Module?

Question27: What is the result of performing a Reset operation on a Deep Security Agent?

Question28: While viewing the details of the Firewall Protection Module, as displayed in the exhibit, you note that a few rules have already been assigned. You try to disable these rules, but they can not be unassigned. Why can the displayed rules not be unassigned?