Trend Exam Deep-Security-Professional Topic 1 Question 29 Discussion

Actual exam question for Trend's Deep-Security-Professional exam

Question #: 29
Topic #: 1

[All Deep-Security-Professional Questions]

A Recommendation Scan is run to determine which Intrusion Prevention rules are appropriate for a Server. The scan is configured to apply the suggested rules automatically and ongoing scans are enabled. Some time later, an operating system patch is applied. How can you de-termine which Intrusion Prevention rules are no longer needed on this Server?

AThe READ ME file provided with the software patch will indicate which issues were addressed with this release. Compare this list to the rules that are applied to determine which rules are no longer needed and can be disabled.

BSince the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be automatically unassigned. These are rules that are no longer needed as the vulnerability was corrected with the patch.

CSince there is no performance effect when multiple Intrusion Prevention rules are ap-plied, there is no need to determine which rules are no longer needed. The original rec-ommended rules can remain in place without affecting the system.

CSince the rules are being applied automatically, when the next Intrusion Prevention Recommendation Scan is run automatically, any rules that are no longer needed will be displayed on the Recommended for Unassignment tab in the IPS Rules. These are rules that are no longer needed and can be disabled as the vulnerability was corrected with the patch.

Show Suggested Answer

Suggested Answer: B

by Caprice at Feb 11, 2024, 01:35 AM

Limited Time Offer

25%

11 months ago

Hey, how do we determine which Intrusion Prevention rules are no longer needed on a Server after applying an OS patch?

upvoted 0 times

...