Résumé de La Réponse Endpoint Kas Update
Résumé de La Réponse Endpoint Kas Update
Résumé de La Réponse Endpoint Kas Update
Windows 10
Any standalone package of Kaspersky Endpoint Security for Windows (11.1.0) automatically
uninstalls incompatible applications
Make sure that the check box "Uninstall incompatible applications automatically" is selected
in the properties of the regular installation package of Kaspersky Network Agent prior to
creating a standalone installation package
Make sure that the check box "Uninstall incompatible applications automatically" is selected
in the properties of the regular installation package of Kaspersky Endpoint Security 11.1 for
Windows prior to creating a standalone installation package
User
Domain administrator
Local administrator
5. How many policies can you create in a single group of managed devices for Kaspersky
Endpoint Security?
5 at most
Incorrect answerA Virus Scan task for Kaspersky Endpoint Security for Windows
Correct answerA ‘Find vulnerabilities and required updates’ task for Network Agent
Correct answerAn Update task for Kaspersky Endpoint Security for Windows
7. Which of the following ports must be opened in the firewall for the users to be able to
download the package using the automatically created link?
80 and 443
Incorrect answer15,000
Incorrect answer13291
8061
8060
8. Which component is NOT available in Kaspersky Endpoint Security 11.1 for Windows?
Firewall
Device Control
9. Select the correct statements about tasks in Kaspersky Security Center:Partiellement correct
1/2
Correct answerThe administrator can exclude a subgroup from a task’s scope
Incorrect answerThere are active and inactive tasks
To make task settings enforced on the computers, the respective locks must be closed
The administrator can create a task for a set of computers belonging to different groups
By default, subgroups’ tasks inherit settings of the parent group’s tasks (as far as tasks of the
same type are concerned)
There may not be more than one task for the same application in a group
10. How many concurrent active policies of Kaspersky Endpoint Security 11.1 for Windows
can there be within a single group?
11. Which network polling methods are enabled by default in Kaspersky Security Center 11
Administration Server?Partiellement correct 2/3
Correct answerQuick Windows Network Poll
Incorrect answerIP range polling
Correct answerActive Directory polling
12. Which components are NOT available in Kaspersky Endpoint Security 11.1 for
Windows?
IM Anti-Virus
14. Group tasks and a protection policy are defined for Kaspersky Endpoint Security 11.1 for
Windows in the "Managed devices" group. You want to apply entirely different settings to a
particular subgroup. How can you achieve this?Partiellement correct 1/2
Correct answerCreate a new policy in the subgroup and disable inheritance in its settings
Incorrect answerCreate new group tasks in the subgroup and disable inheritance in their
settings
15. A policy of Kaspersky Endpoint Security 11.1 for Windows is configured for group A.
Group A has subgroup B, which contains another policy of Kaspersky Endpoint Security 11.1
for Windows. Which settings can be edited in the policy of group B?Partiellement correct 1/2
Any
Correct answerAny, if the "Inherit settings from upper-level policy" check box is cleared in
the group B policy
16. An administrator of ABC Inc. needs to remotely install Network Agent and Kaspersky
Endpoint Security on five notebooks, which have different local administrator accounts and
are not on the domain. What would you advise?
Incorrect answerCreate a single remote installation task and run it five times; change the
target computer and the administrator account every time
Create a single remote installation task and specify accounts of all administrators there
17. Which of the following operating systems does Kaspersky Endpoint Security for Windows (11.1.0)
support?
Incorrect answerAdministration Server communication ports
18. What does the Administration Server store in the KLSHARE shared folder?
Correct answerUpdates for managed products
Database of events
Clear the check box "Uninstall incompatible applications automatically" in the properties of
the installation package of Kaspersky Endpoint Security
Clear the check box "Uninstall incompatible applications automatically" in the properties of
the installation package of Kaspersky Network Agent
You cannot achieve this using the Kaspersky Security Center Administration Console
21. You are planning to deploy Kaspersky Endpoint Security for Business to implement a
centrally managed network protection. Which applications will you need to install on the
network computers?
Correct answerKaspersky Security Center
Correct answerKaspersky Security Center Network Agent
22. Consider Kaspersky Security Center 11 and Kaspersky Endpoint Security 11.1 for
Windows. You want to import the Active Directory structure to the structure of managed
computers. How to achieve this?
Correct answerUse a one-time relocation rule with the option to create missing groups for
organizational units
Incorrect answerUse the task "Synchronize Active Directory structure"
Correct answerUse the option to "Create groups structure" in the right-click menu of the
"Managed devices" node in the MMC console
Incorrect answerUse the option to "Create groups structure" in the Quick Start Wizard
23. The administrator starts the Administration Server Quick Start Wizard from the MMC
console. In which of the following cases will the wizard create a Send Reports task?
If the option More than 5000 networked devices has been selected in the Installation Wizard
The Quick Start Wizard does not create a Send Reports task
Correct answerIf email notification parameters have been specified in the Quick Start Wizard
Résumé de la réponse
002.11.1 - Exam: Kaspersky Endpoint Security and Management [e]>Protection management
24. How should the administrator disable the use of KSN in Kaspersky Endpoint Security
11.1 on the client computers?
Clear the check box that allows the use of KSN in the properties of the Administration Server
It is not possible
Incorrect answerReinstall the Administration Server and choose not to use KSN in the Quick
start wizard
25. Which of the following components of Kaspersky Endpoint Security 11.1 for Windows
provides proactive defense against unknown threats by analyzing the sequence of actions
performed by a program?
26. Under which conditions does Kaspersky Endpoint Security switch to the out-of-office
mode with the enabled option "Switch to out-of-office policy when Administration Server is
not available"?
After an unsuccessful synchronization, if the client computer does not receive an answer to
the command "ping <Administration Server address>"
Incorrect answerAfter an unsuccessful synchronization, if the client computer fails to resolve
the Administration Server name
After three successive failed synchronizations with the Administration Server or after all
networks have been disconnected
27. Which networks are Trusted in the Firewall policy of Kaspersky Endpoint Security 11.1
under the default settings?
None
127.0.0.1/32
Incorrect answerAfter three successive failed synchronizations with the Administration Server
or after all networks have been disconnected
30. How does Kaspersky Endpoint Security 11.1 for Windows protect against ransomware
that encrypts files?
Use the "Pause protection and control" command in the right-click menu of Kaspersky
Endpoint Security in the notification area
None of the above
Internet Explorer
Mozilla Firefox
Google Chrome
Microsoft Edge
Correct answerNone of the above (meaning, it can block dangerous objects in all of them)
33. A user tries to download an infected object over HTTPS. Which component of Kaspersky
Endpoint Security 11.1 for Windows will be the first to detect it?
None
Any
35. How will Web Threat Protection scan https traffic under the default settings if a website
uses an EV certificate?
The certificate will NOT be substituted, https traffic will NOT be scanned
Correct answerAt the first connection, the certificate will be substituted, https traffic will be
scanned. At subsequent connections, the certificate will NOT be substituted, https traffic will
NOT be scanned
36. Consider Kaspersky Endpoint Security 11.1 for Windows. When the Behavior Detection
component recognizes dangerous activities, which of the following actions can it take?
Incorrect answerDisinfect
Delete the file
37. What does the password that can be specified in the Network Agent policy prevent?
Carrying out the command "send heartbeat" that forces a synchronization with the Server
38. However, access to facebook.com has been blocked for everyone. Why?
The blocking rule is higher than the allowing rule on the list
39. A computer running Windows 7 is protected with Kaspersky Endpoint Security 11.1 for
Windows. You want to prohibit connecting USB scanners to it, but allow removable USB
drives. How can you achieve this?
Correct answerBlock "Cameras and scanners" in the Device Control
40. The administrator has included a USB flash drive in the list of trusted devices in the
Device Control policy of Kaspersky Endpoint Security 11.1 for Windows. Who can use this
drive?
Any user
41. What should be changed to prohibit this possibility without affecting any other USB
devices?
No way, such a device cannot be blocked by Kaspersky Endpoint Security 11.1 for Windows
42. Which actions can be specified in the Web Control rules of Kaspersky Endpoint Security
11.1 for Windows?
Correct answerAllow
Test
Correct answerWarn
Correct answerBlock
43. Consider Kaspersky Endpoint Security for Windows (11.1.0). You want to block banners
on the web pages visited by the users. How can you achieve this?
Incorrect answerEnable the Anti-Banner component
Enable the option to block banner links in the Web Threat Protection settings
Create a rule in the Web Control settings to block the content category "Banners"
44. Select the best way to test the new rules prior to deploying them (without disabling those
currently implemented).
Incorrect answerSelect the "Notify" action in the settings of Application Control
In the Application Control window, check every new rule by pressing the "Static analysis"
button
45. The update task of Kaspersky Endpoint Security for Windows has settings for the "Local
mode" and settings for the "Mobile mode". Under which conditions are update settings for the
"Mobile mode" used?
If the conditions of switching to the mobile mode (which are specified in the Network Agent
policy) are met, and an out-of-office policy is applied to the computer
Incorrect answerIf all sources specified in the settings for the local mode are inaccessible
If the conditions of switching to the mobile mode (which are specified in the Network Agent
policy) are met
An update task does not have update settings for mobile mode
46. The databases are regularly updated in the repository, but the group task starts on the
client computers only after a planned synchronization rather than immediately. Why?
UDP port 15000 is inaccessible on the client computer (for example, blocked by the firewall)
UDP port 15000 is inaccessible on the Administration Server (for example, blocked by the
firewall)
47. Consider Kaspersky Security Center 11. Which of the following conditions can make the
backup copying task return an error on the Administration Server?Partiellement correct 2/3
Correct answerThe Administration Server account has no "Write" permissions for the backup
target directory
Correct answerThe drive where the backup directory is located lacks free space
Incorrect answerThe "Download updates to the repository" task is running on the server
(backup copying cannot begin until the updating completes)
The database server account has no "Write" permissions for the backup target directory
It is not possible
49. Where can you approve installation of a Maintenance Release of Kaspersky Endpoint
Security in the Kaspersky Security Center Web Console?
Incorrect answerOperations | Kaspersky Lab applications | Kaspersky Lab software updates
and patches
50. About which events does Kaspersky Security Center notify the administrator under the
default settings?
Incorrect answerAbout all
About none
1. How does the remote installation task of Kaspersky Endpoint Security for Windows
(11.1.0) behave by default if a third-party protection application is detected on a computer?
Returns an error and prompts the administrator to uninstall the application manually
Installs Kaspersky Endpoint Security, but completes with a warning that the third-party
protection application must be uninstalled
Clear the "Force inheritance of settings in child policies" check box in the group A policy
3. ABC Inc. plans to deploy Kaspersky Endpoint Security on 10,000 endpoints and manage
protection through one Administration Server. Which database server would you recommend
to choose for Kaspersky Security Center?
Correct answerMicrosoft SQL Server Standard
Clear the check box "Uninstall incompatible applications automatically" in the properties of
the remote installation task
Clear the check box "Uninstall incompatible applications automatically" in the properties of
the installation package of Kaspersky Endpoint Security
Clear the check box "Uninstall incompatible applications automatically" in the properties of
the installation package of Kaspersky Network Agent
Correct answerYou cannot achieve this using the Kaspersky Security Center Administration
Console
5. On which editions of Windows Server 2012 can Kaspersky Security Center 11
Administration Server be installed?
Correct answerFoundation
Correct answerEssentials
Correct answerStandard
Correct answerDatacenter
6. You are planning to deploy Kaspersky Endpoint Security for Business to implement a
centrally managed network protection. Which applications will you need to install on the
network computers?
Correct answerKaspersky Security Center
Correct answerKaspersky Security Center Network Agent
7. Where does Kaspersky Security Center store events of the computers that the administrator
can see in the reports?
8. If the administrator mistyped the Administration Server address in the installation wizard,
where can this address be modified in the Administration Console?Partiellement correct 1/2
If a computer is included in several groups, the policy that is higher in the Policies node is
applied to it
10. Which group tasks and policies does the Quick Start wizard create on the Administration
Server when started from the Web console?Partiellement correct 2/3
Correct answerA policy for Kaspersky Security Center Network Agent
Incorrect answerA ‘Find vulnerabilities and required updates’ task for Network Agent
Correct answerAn Update task for Kaspersky Endpoint Security for Windows
11. Which level of permissions is sufficient for installing Kaspersky Endpoint Security for
Windows?
User
Local administrator
Power user
12. What does a closed lock mean near a parameter in a group policy of Kaspersky Endpoint
Security?
Correct answerThis parameter cannot be changed in the local interface of Kaspersky Endpoint
Security
This parameter can be changed only by the administrator who created the policy
BitLocker Management
Web Control
Device selections
Policies
Unassigned devices
Any
Correct answerThe parameters that are NOT locked in the policy of group A
Correct answerAny, if the "Inherit settings from upper-level policy" check box is cleared in
the group B policy
17. How many concurrent active policies of Kaspersky Endpoint Security 11.1 for Windows
can there be within a single group?
2 at most
5
Incorrect answerAs many as you want
18. The administrator needs a standalone installation package of Kaspersky Endpoint Security
for Windows (11.1.0) that will automatically uninstall incompatible applications during the
installation. How would you create one in Kaspersky Security Center 11?
Any standalone package of Kaspersky Endpoint Security for Windows (11.1.0) automatically
uninstalls incompatible applications
Incorrect answerMake sure that the check box "Uninstall incompatible applications
automatically" is selected in the properties of the regular installation package of Kaspersky
Network Agent prior to creating a standalone installation package
Make sure that the check box "Uninstall incompatible applications automatically" is selected
in the properties of the regular installation package of Kaspersky Endpoint Security 11.1 for
Windows prior to creating a standalone installation package
Select the check box "Uninstall incompatible applications automatically in the properties" of
the standalone installation package
19. When configuring a standalone installation package of Kaspersky Endpoint Security 11.1
for Windows in Kaspersky Security Center for computers that do not have access to the
network, how would you include custom protection settings into the package?
Incorrect answerExport the policy of Kaspersky Endpoint Security 11.1 for Windows with the
necessary settings to a file and copy this file into the folder that contains the standalone
package files
Export the settings from the local Kaspersky Endpoint Security interface and copy this file
into the folder where the standalone package is located
Export the settings from the local Kaspersky Endpoint Security interface and specify this file
as the configuration file in the properties of the regular installation package prior to creating a
standalone package
Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the configured
settings to a file and specify this file as the configuration file in the properties of the regular
installation package prior to creating a standalone package
20. Consider Kaspersky Security Center 11. There is a "Virus scan" task in the "Managed
devices" group, and there is a subgroup named "Servers" for which you want to change the
schedule of anti-virus scanning. How can you achieve this?
Correct answerExclude the "Servers" subgroup from the scan scope of the "Virus scan" task
configured in the "Managed devices" group, and create another "Virus scan" task with the
necessary settings in the "Servers" subgroup
Create another "Virus scan" task with the necessary settings in the "Servers" subgroup and
disable inheritance in its properties
Create another "Virus scan" task with the same name and the necessary settings in the
"Servers" subgroup; it will run instead of the parent group task
21. The administrator plans to use the SNMP protocol to receive messages from the
Administration Server and monitor statuses. However, the "SNMP agent" component is
missing from the list of Administration Server components in the installation wizard. Why?
22. Which of the following database servers does Kaspersky Security Center 11 support?
24. Select the most correct description for the Remediation Engine component:
It intercepts software start attempts and blocks applications according to the rules configured
by the administrator
Incorrect answerIt analyzes individual operations performed by applications and prohibits
little-known applications from taking potentially dangerous actions
It logs actions taken by applications and can roll them back if the software demonstrates
dangerous activity patterns
25. You have found out that the Firewall hampers an application that belongs to the High
Restricted group. Which of the following measures can solve the issue?
Create allow packet rules for the application’s ports and protocols, and place them to the top
of the list of rules
Manually put the application’s executable files into the "Low restricted" or "Trusted" group in
the Kaspersky Endpoint Security policy
Add the application’s executable file to the list of paths excluded from scanning in the Trusted
zone
Incorrect answerAdd the application’s executable file to the list of trusted in the Trusted zone
and select the check box "Do not scan network traffic" for it
26. How should the administrator disable the use of KSN in Kaspersky Endpoint Security
11.1 on the client computers?
Clear the check box that allows the use of KSN in the properties of the Administration Server
Reinstall the Administration Server and choose not to use KSN in the Quick start wizard
27. The administrator has decided to enable scanning for encrypted connections. Which
components of Kaspersky Endpoint Security will use it?Partiellement correct 2/3
Correct answerWeb Threat Protection
28. A legitimate application that users need for their work is being categorized as "Untrusted"
and blocked by Kaspersky Endpoint Security 11.1 for Windows. You want to prevent this
without weakening protection too much. What are your options?
Correct answerManually put the application into a group other than "Untrusted" in the Host
Intrusion Prevention settings
Correct answerAdd the application to the "Trusted zone" with the option "Do not monitor
application activity"
29. Which access to network do programs get that belong to the High Restricted group on
Microsoft Windows Server 2012 R2 protected with Kaspersky Endpoint Security 11.1 under
the default settings?
Incorrect answerNone, because the Host Intrusion Prevention component will block them
30. How does Kaspersky Endpoint Security 11.1 for Windows protect against ransomware that
encrypts files?
31. The user tries to connect to a website over https. Kaspersky Endpoint Security installed on
the computer is under the policy created by the Quick Start Wizard. An error occurs when
scanning encrypted traffic. What will happen in that case?
Incorrect answerKaspersky Endpoint Security will block the https connection to the website.
The user will see the corresponding pop-up notification by Kaspersky Endpoint Security
The website will be automatically added to the local list of exclusions (domains with secure
connection scan errors). Encrypted traffic will not be scanned for this website. The user will
successfully connect to the website
The https connection to the website will fail and return an error
32. Which connections are High Restricted applications prohibited from establishing in
Trusted networks under the default settings?
None
Incorrect answerAny
Firewall
34. A user tries to download an infected object over HTTPS. Which component of Kaspersky
Endpoint Security 11.1 for Windows will be the first to detect it?
Correct answerWeb Threat Protection
35. How does Host Intrusion Prevention select a trust level for a program?Partiellement
correct 1/2
Correct answerIt uses information from Kaspersky Security Network
Incorrect answerIt uses the results of background scanning by the online service
"virustotal.com"
36. How does Kaspersky Endpoint Security 11.1 for Windows protect against ransomware
that encrypts files?
38. Which of the following is a known limitation of the Web Control component in Kaspersky
Endpoint Security 11.1 for Windows?
It works only with the mainstream web browsers, such as Internet Explorer, Mozilla Firefox,
Google Chrome
Allow
Smart
Notify
Incorrect answerBlock
40. What should the administrator do to be able to create Application Control rules?
Incorrect answerCreate and run the "Inventory" task on at least one computer
41. Consider Kaspersky Security Center 11. The administrator selected the "Path to folder"
parameter as a condition for an application category and specified the "C:\Program Files\
Microsoft\" value. Which executable files will meet this condition?
The files whose checksums coincide with the checksums of the files that were located in
folder "С:\Program Files\Microsoft\" on the Administration Server when the category was
being created
Incorrect answerThe files whose metadata coincides with the metadata of the files located in
"С:\Program Files\Microsoft\" on the Administration Server
The files whose checksums coincide with checksums of files located in "С:\Program Files\
Microsoft\" on the Administration Server. Every time the Administration Server is restarted,
the list of checksums is updated to reflect the current folder contents
42. The administrator of the АВС company needs to prohibit starting several programs in the
network. What is the best way to achieve this?
In Application Control, select the "Black list" mode and create allow rules for the applications
whose start is to be prohibited
Incorrect answerIn Application Control, select the "White list" mode and create block rules
for the applications whose start is to be prohibited
In Application Control, select the "White list" mode and create allow rules for the applications
whose start is to be prohibited
In Application Control, select the "Black list" mode and create block rules for the applications
whose start is to be prohibited
43. The administrator wants to configure Device Control settings in the policy of Kaspersky
Endpoint Security 11.1 for Windows, but the control options are not displayed in the policy.
How should the administrator fix this?
Load a Kaspersky Endpoint Security for Business "Advanced" license into Kaspersky
Security Center
Correct answerOpen the Kaspersky Security Center interface settings and select the "Display
endpoint control settings" check box
Run a "Change application components" task and select the "Standard" installation type
instead of the "Basic installation" type
44. Which of the control components of Kaspersky Endpoint Security 11.1 for Windows can
apply access rules on schedule? Partiellement correct 1/2
Device Control
45. How can you make the computers’ status normal again?
Delete the virus detection events from the Administration Server database
klmover.exe
GetSystemInfo.exe
Correct answerklnagchck.exe
47. How can you achieve this?
It is not possible
Modify the status change conditions in the policy of Kaspersky Endpoint Security for
Windows
Correct answerModify the status change conditions in the administration groups’ properties
Use the recovery mode in the installation wizard of the Administration Server
Use the recovery mode in the Quick Start wizard of the Administration Server
49. Which ports must be opened on the server for the client computers to be able to update
successfully?
HTTP port 80
UDP ports 137 and 138, TCP ports 139 and 445
50. Consider Kaspersky Security Center 11. Which of the following conditions can make the
backup copying task return an error on the Administration Server?
Correct answerThe Administration Server account has no "Write" permissions for the backup
target directory
Correct answerThe drive where the backup directory is located lacks free space
The "Download updates to the repository" task is running on the server (backup copying
cannot begin until the updating completes)
Correct answerThe database server account has no "Write" permissions for the backup target
directory
1. Which of the following ports must be opened in the firewall for the users to be able to
download the package using the automatically created link?
80 and 443
15,000
13291
Correct answer8061
Correct answer8060
2. Select the correct statements about tasks in Kaspersky Security Center:Partially
correct 1/2
There may not be more than one task for the same application in a group
Incorrect answerTo make task settings enforced on the computers, the respective locks must
be closed
Correct answerThe administrator can exclude a subgroup from a task’s scope
By default, subgroups’ tasks inherit settings of the parent group’s tasks (as far as tasks of the
same type are concerned)
The administrator can create a task for a set of computers belonging to different groups
3. Consider Kaspersky Security Center 11. There is a "Virus scan" task in the
"Managed devices" group, and there is a subgroup named "Servers" for which you
want to change the schedule of anti-virus scanning. How can you achieve this?
Correct answerExclude the "Servers" subgroup from the scan scope of the "Virus scan" task
configured in the "Managed devices" group, and create another "Virus scan" task with the
necessary settings in the "Servers" subgroup
A task configured in a parental group always runs in a subgroup
Create another "Virus scan" task with the necessary settings in the "Servers" subgroup and
disable inheritance in its properties
Create another "Virus scan" task with the same name and the necessary settings in the
"Servers" subgroup; it will run instead of the parent group task
4. You want to organize computers into groups to be able to specify different protection
parameters for them. In which node of Kaspersky Security Center console are such
groups to be created?
Device selections
Policies
Unassigned devices
Device Control
Correct answerModify the Administration Server address in the properties of the Network
Agent installation package
7. Which of the following are Kaspersky Security Center tasks?Partially correct 1/2
Correct answerPerform Windows Update synchronization
9. Which of the following components can be used under the KESB Select license, but is
NOT installed by default in Kaspersky Endpoint Security?
IM Anti-Virus
Incorrect answerThere are no such components
10. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
Microsoft Windows XP
Nothing is to be changed
12. Which components are NOT available in Kaspersky Endpoint Security 11.1 for
Windows?
BitLocker Management
Web Control
14. Which of the following capabilities are implemented as group tasks in Kaspersky
Endpoint Security for Windows (11.1.0)?
Correct answerUpdate
Correct answerChange Application Components
Using operating system tools: Shared folders and remote procedure call (RPC)
17. Which component is NOT available in Kaspersky Endpoint Security 11.1 for
Windows?
Firewall
Device Control
18. How can the administrator enable editing for all settings of the subgroup's policy?
Select all applicable solutions.Partially correct 1/2
Correct answerClear the "Inherit settings from upper-level policy" check box in the group B
policy
Incorrect answerClear the "Force inheritance of settings in child policies" check box in the
group A policy
19. You are planning to deploy Kaspersky Endpoint Security for Business to implement
a centrally managed network protection. Which applications will you need to install on
the network computers?
Correct answerKaspersky Security Center
Correct answerKaspersky Security Center Network Agent
Kaspersky Endpoint Security for Windows Console
20. Which of the following virtual platforms does Kaspersky Security Center 11
support?
Correct answerVMware vSphere
Correct answerMicrosoft Hyper-V Server
Correct answerCitrix XenServer
Correct answerParallels Desktop
Correct answerVMware Workstation
Correct answerOracle VM VirtualBox
KVM
Create a relocation rule and specify both conditions in it: The range of IP addresses and the
name mask
Create two relocation rules for the same group: In one of them, specify the IP range condition,
and in the other one, the name mask
Incorrect answerCreate a relocation rule and specify both conditions in it: The range of IP
addresses and the name mask, and also select the checkbox "Apply the rule if at least one of
the conditions is matched"
22. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
24. How does Kaspersky Endpoint Security 11.1 for Windows protect against
ransomware that encrypts files?
Create allow packet rules for the application’s ports and protocols, and place them to the top
of the list of rules
Correct answerManually put the application’s executable files into the "Low restricted" or
"Trusted" group in the Kaspersky Endpoint Security policy
Incorrect answerAdd the application’s executable file to the list of paths excluded from
scanning in the Trusted zone
Add the application’s executable file to the list of trusted in the Trusted zone and select the
check box "Do not scan network traffic" for it
27. Which of the following can File Threat Protection of Kaspersky Endpoint Security
11.1 for Windows do?
Correct answerScan files on drives on access
28. Which parameters do you need to disable in the policy to stop Kaspersky Endpoint
Security from sending extended statistical information and files or their parts to the
KSN cloud?
Cloud mode
29. What does the File Threat Protection scope include with the default settings?Partially
correct 1/3
Special permissions are not necessary, File Threat Protection does not scan any files accessed
by trusted processes
Incorrect answerAfter three successive failed synchronizations with the Administration Server
or after all networks have been disconnected
32. Into which trust group does Host Intrusion Prevention move programs by default for
which it cannot receive information from KSN?
Trusted
Low Restricted
High Restricted
Incorrect answerUntrusted
33. In which case can you comparatively safely disable scan of network drives by File
Threat Protection of Kaspersky Endpoint Security?
Web Threat Protection is enabled on the computers, which scans data transferred over the
network
Protection software is installed on the servers where network drives are located
A scheduled virus scan task is configured for the computers, which scans network drives
Incorrect answerNetwork Threat Protection is enabled on the computers, which scans data
transferred over the network
34. Which of the following protocols can be specified in the Firewall rules in Kaspersky
Endpoint Security 11.1 for Windows?
ARP
Correct answerTCP
SMTP
Correct answerICMP
SNMP
Correct answerUDP
35. Consider Kaspersky Endpoint Security 11.1 for Windows. Which of the following
actions can be limited with the help of password protection configured in the policy?
Partially correct 3/4
Correct answerExit Kaspersky Endpoint Security
Incorrect answerStop Kaspersky Endpoint Security service
37. How should the administrator disable the use of KSN in Kaspersky Endpoint
Security 11.1 on the client computers?
Incorrect answerClear the check box that allows the use of KSN in the properties of the
Administration Server
It is not possible
Reinstall the Administration Server and choose not to use KSN in the Quick start wizard
38. Consider Kaspersky Endpoint Security 11.1 and Kaspersky Security Center 11. How
can you tell which "KL category" a particular executable file belongs to?Partially correct
1/2
Correct answerConsult the Application Activity Monitor in the local interface of Kaspersky
Endpoint Security 11.1
39. Which action is specified for Adaptive Anomaly Control rules in the Kaspersky
Endpoint Security policy by default?
Incorrect answerAllow
Smart
Notify
Block
40. Which of the control components of Kaspersky Endpoint Security 11.1 for Windows
can apply access rules on schedule?Partially correct 1/2
Incorrect answerHost Intrusion Prevention
Application Control
Device Control
41. Which of the following web browsers does Web Control support in Kaspersky
Endpoint Security 11.1 for Windows?
Correct answerInternet Explorer
Correct answerMozilla Firefox
Correct answerGoogle Chrome
42. Which of the control components permit specifying different limitations for different
users within Kaspersky Endpoint Security 11.1 for Windows?Partially correct 3/4
Correct answerApplication Control
Incorrect answerHost Intrusion Prevention
Application Control
Host Intrusion Prevention
Kaspersky Endpoint Security 11.1 for Windows cannot perform this task
The files whose checksums coincide with the checksums of the files that were located in
folder "С:\Program Files\Microsoft\" on the Administration Server when the category was
being created
The files whose metadata coincides with the metadata of the files located in "С:\Program
Files\Microsoft\" on the Administration Server
The files whose checksums coincide with checksums of files located in "С:\Program Files\
Microsoft\" on the Administration Server. Every time the Administration Server is restarted,
the list of checksums is updated to reflect the current folder contents
45. Consider Kaspersky Security Center 11. What data is included into a backup copy of
the Administration Server created with a dedicated Kaspersky Security Center task?
Correct answerThe structure of managed computers
An update task does not have update settings for mobile mode
If all sources specified in the settings for the local mode are inaccessible
Incorrect answerIf the conditions of switching to the mobile mode (which are specified in the
Network Agent policy) are met, and an out-of-office policy is applied to the computer
If the conditions of switching to the mobile mode (which are specified in the Network Agent
policy) are met
47. What is the default password in the "Backup of Administration Server data" task
created by the Quick Start wizard of Kaspersky Security Center 11?
kasperskylab
KasperskyLab
KL
UDP port 15000 is inaccessible on the Administration Server (for example, blocked by the
firewall)
49. How can you make the computers’ status normal again?
Delete the virus detection events from the Administration Server database
The status will normalize automatically in 24 hours
Just run the "Backup of Administration Server data" task, everything will be done
automatically
Run the "klbackup.exe" utility on the computer where the database is located
Run the "klbackup.exe" utility on the Administration Server, but with the "–path" switch
1. The administrator starts the Administration Server Quick Start Wizard from the Web
console. In which of the following cases will the wizard create a Send Reports task?
If the option More than 5000 networked devices has been selected in the installation wizard
The Quick Start wizard does not create the Send reports task
Incorrect answerIf email notification parameters have been specified in the Quick Start
Wizard
2. Which of the following components can be used under the KESB Select license, but is
NOT installed by default in Kaspersky Endpoint Security?
Incorrect answerIM Anti-Virus
Use the option to "Create groups structure" in the Quick Start Wizard
Correct answerUse a one-time relocation rule with the option to create missing groups for
organizational units
Correct answerUse the option to "Create groups structure" in the right-click menu of the
"Managed devices" node in the MMC console
5. Which of the following operating systems does Kaspersky Endpoint Security for Windows
(11.1.0) support?
User
Domain administrator
Power user
7. How does the remote installation task of Kaspersky Endpoint Security for Windows
(11.1.0) behave by default if a third-party protection application is detected on a computer?
Returns an error and prompts the administrator to uninstall the application manually
Clear the "Force inheritance of settings in child policies" check box in the group A policy
Correct answerModify the Administration Server address in the properties of the Network
Agent installation package
10. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
Computers will receive them from the domain controller together with the Active Directory
group policy
The Administration Server will copy the files to the computers’ temporary folders over the
network beforehand
Computers will download them from the shared folder on the domain controller
Correct answerComputers will download them from the shared folder on the Administration
Server
12. How to make the exclusion work on the computers immediately after Kaspersky Endpoint
Security is installed rather than after computers download the policy?
Move new computers to the group where the policy is configured before installing Kaspersky
Endpoint Security
Correct answerAdd a configuration file with the exclusion to the installation package of
Kaspersky Endpoint Security (you can export the settings on an already configured computer)
Export the policy to a file and copy it into the folder where the installation package files of
Kaspersky Endpoint Security are located
13. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
Microsoft Windows XP
Integrity check
15. Which of the following virtual platforms does Kaspersky Security Center 11 support?
Correct answerVMware vSphere
Correct answerMicrosoft Hyper-V Server
Correct answerCitrix XenServer
Correct answerParallels Desktop
Correct answerVMware Workstation
Correct answerOracle VM VirtualBox
KVM
16. Under which scenario would a Kaspersky Endpoint Security 11.1 installation require a
system restart?
Correct answerIf a program incompatible with Kaspersky Endpoint Security 11.1 is detected
on the computer and the installer uninstalls it
Correct answerIf the product is installed on an operating system where Windows Defender is
enabled
17. Which of the following remote installation methods can be used in the "Install Application
remotely" task in Kaspersky Security Center 11 when the Network Agent is not selected to be
deployed?
18. Which of the following database servers does Kaspersky Security Center 11 support?
Open the folder where the standalone package is located and edit the installation string in
the .kud file
Open the folder where the standalone package is located and edit the list of components in the
.kud file
Select the component in the original Kaspersky Endpoint Security package and re-create the
standalone package
20. In which cases does the Administration Server update databases in the installation
packages of Kaspersky Endpoint Security
When the administrator clicks the button "Update databases" in the package properties
When the package is created
22. On which operating systems can Kaspersky Security Center 11 Administration Server be
installed?
Systems Management
24. How can you exclude a file from the File Threat Protection scope?
Correct answerAdd the path to the file or folder to the list of exclusions
Correct answerAdd the program that accesses the file to the list of trusted processes
Correct answerModify the protection scope of File Threat Protection
Correct answerAdd the certificate with which the file is signed to the computers’ certificate
store and configure an exclusion for this store
25. A user tries to download an infected object over HTTPS. Which component of Kaspersky
Endpoint Security 11.1 for Windows will be the first to detect it?
Correct answerWeb Threat Protection
Network Threat Protection
26. Which compound objects does File Threat Protection scan under the default settings?
Archives
Installation packages
Office files
Incorrect answerNone
27. Which of the following can the Mail Threat Protection component of Kaspersky Endpoint
Security 11.1 for Windows do?
Disinfect
Protection software is installed on the servers where network drives are located
A scheduled virus scan task is configured for the computers, which scans network drives
Network Threat Protection is enabled on the computers, which scans data transferred over the
network
30. Which component or subsystem of Kaspersky Endpoint Security 11.1 for Windows causes
this behaviour?
Incorrect answerFirewall
Self-Defense
Behaviour Detection
31. Nothing is copied, and Kaspersky Endpoint Security does not display any messages. What
has happened?
Incorrect answerThe flash drive has been blocked by the Device Control
Self-defense of Kaspersky Endpoint Security 11.1 has blocked access to the infected object on
the removable device
32. What does the password that can be specified in the Network Agent policy prevent?
Correct answerNetwork Agent uninstallation
Carrying out the command "send heartbeat" that forces a synchronization with the Server
33. Which component of Kaspersky Endpoint Security 11.1 for Windows except "Web Threat
Protection" takes part in protection against phishing?
Web Control
34. What does the Firewall do with a packet that meets conditions of several rules, including
allow and block?
After an unsuccessful synchronization, if the client computer does not receive an answer to
the command "ping <Administration Server address>"
Correct answerAfter three successive failed synchronizations with the Administration Server
or after all networks have been disconnected
36. What does the File Threat Protection scope include with the default settings?
Correct answerAll removable drives
Correct answerAll hard drives
Kernel Memory
38. Consider Kaspersky Security Center 11. The administrator selected the "Path to folder"
parameter as a condition for an application category and specified the "C:\Program Files\
Microsoft\" value. Which executable files will meet this condition?
The files whose checksums coincide with the checksums of the files that were located in
folder "С:\Program Files\Microsoft\" on the Administration Server when the category was
being created
The files whose metadata coincides with the metadata of the files located in "С:\Program
Files\Microsoft\" on the Administration Server
The files whose checksums coincide with checksums of files located in "С:\Program Files\
Microsoft\" on the Administration Server. Every time the Administration Server is restarted,
the list of checksums is updated to reflect the current folder contents
39. The administrator of the АВС company needs to prohibit starting several programs in the
network. What is the best way to achieve this?
In Application Control, select the "Black list" mode and create allow rules for the applications
whose start is to be prohibited
In Application Control, select the "White list" mode and create block rules for the applications
whose start is to be prohibited
Incorrect answerIn Application Control, select the "White list" mode and create allow rules
for the applications whose start is to be prohibited
In Application Control, select the "Black list" mode and create block rules for the applications
whose start is to be prohibited
40. What should the administrator do to be able to create Application Control rules?
Incorrect answerJust wait for the databases to be updated on the Administration Server
41. Which resources, when blocked by the control components of Kaspersky Endpoint
Security 11.1 for Windows, can be temporarily allowed with the help of a special access key
provided by the administrator?
Correct answerDevices
Software
Web resources
The files whose MD5 checksum coincides with the checksum of a file located in "C:\Program
Files\Microsoft\" on the Administration Server
Incorrect answerThe files whose metadata coincides with the metadata of the files located in
"С:\Program Files\Microsoft\" on the Administration Server
The files that have the same certificate as any of the files located in "С:\Program Files\
Microsoft\" on the Administration Server
The files whose SHA-256 checksum coincides with the checksum of a file located in "С:\
Program Files\Microsoft\" on the Administration Server
43. However, access to facebook.com has been blocked for everyone. Why?
Correct answerThe blocking rule is higher than the allowing rule on the list
44. Which removable drive access operations can Device Control allow or block in Kaspersky
Endpoint Security 11.1 for Windows?
Correct answerRead
Execute
Delete
Correct answerWrite
45. The update task of Kaspersky Endpoint Security for Windows has settings for the "Local
mode" and settings for the "Mobile mode". Under which conditions are update settings for the
"Mobile mode" used?
An update task does not have update settings for mobile mode
If all sources specified in the settings for the local mode are inaccessible
If the conditions of switching to the mobile mode (which are specified in the Network Agent
policy) are met, and an out-of-office policy is applied to the computer
Correct answerIf the conditions of switching to the mobile mode (which are specified in the
Network Agent policy) are met
46. Consider Kaspersky Security Center 11. What data is included into a backup copy of the
Administration Server created with a dedicated Kaspersky Security Center task?
Correct answerThe structure of managed computers
It is impossible
48. Which ports must be opened on the server for the client computers to be able to update
successfully?
HTTP port 80
UDP ports 137 and 138, TCP ports 139 and 445
49. Kaspersky Security Center 11 uses a remote database. To make a backup copy of all data
stored in the database, the administrator needs to:
Just run the "Backup of Administration Server data" task, everything will be done
automatically
Run the "klbackup.exe" utility on the computer where the database is located
Incorrect answerRun the "klbackup.exe" utility on the Administration Server, but with the "–
path" switch
50. Which parameters of the new Administration Server must be the same as those of the old
one for the clients to be able to connect successfully?
None
2. What does a closed lock mean near a parameter in a group policy of Kaspersky Endpoint
Security?
Correct answerThis parameter cannot be changed in the local interface of Kaspersky Endpoint
Security
This parameter can be changed only by the administrator who created the policy
The next time that the users log on to the domain from the target computers
Incorrect answerIn a few minutes after the computers receive the Active Directory group
policy
5. ABC Inc. plans to deploy Kaspersky Security Center and Kaspersky Endpoint Security in a
network segment where there is no access to the Internet. What is the best way to activate the
products in this case?
With a key file
Returns an error and prompts the administrator to uninstall the application manually
Installs Kaspersky Endpoint Security, but completes with a warning that the third-party
protection application must be uninstalled
10. Which port of the Administration Server do Network Agents connect to under the default
settings?
Correct answerTCP 13000
UDP 15000
TCP 13291
TCP 14000
11. On which operating systems can Kaspersky Security Center 11 Administration Server
NOT be installed?
Correct answerWindows Server 2003
Windows 10
12. The administrator has selected to "Assign Network Agent installation in the Active
Directory group policies" in a remote installation task. How will the Network Agent
installation files get on the computers?
Computers will receive them from the domain controller together with the Active Directory
group policy
The Administration Server will copy the files to the computers’ temporary folders over the
network beforehand
Computers will download them from the shared folder on the domain controller
Correct answerComputers will download them from the shared folder on the Administration
Server
13. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?Partiellement correct 1/2
14. Which group tasks and policies does the Quick Start wizard create on the Administration
Server when started from the MMC console?Partiellement correct 3/4
Correct answerA policy for Kaspersky Security Center Network Agent
A policy for Kaspersky Endpoint Security for Windows
Incorrect answerA Virus Scan task for Kaspersky Endpoint Security for Windows
Correct answerA ‘Find vulnerabilities and required updates’ task for Network Agent
Correct answerAn Update task for Kaspersky Endpoint Security for Windows
15. When does Network Agent connect to the Administration Server?
Correct answerWhen a packet arrives to the Agent’s UDP port from the Server
80 and 443
15,000
13291
Correct answer8061
Correct answer8060
17. Which program types does the installer of Kaspersky Security Center Network Agent
consider to be incompatible and try to delete?
Incorrect answerThird-party antiviruses
None
18. Which components of Kaspersky Endpoint Security for Windows (11.1.0) can NOT be
installed on a server operating system?Partiellement correct 1/3
Device Control
Incorrect answerAMSI Protection provider
Application Control
19. Which of the following are Kaspersky Security Center tasks?Partiellement correct 1/2
Correct answerPerform Windows Update synchronization
Incorrect answerChange Administration group
20. Which of the following components will NOT be installed under Windows Server 2012
from the default installation package of Kaspersky Endpoint Security 11.1 for Windows?
Partiellement correct 1/2
Application Control
Device Control
21. Which level of permissions is sufficient for installing Kaspersky Endpoint Security for
Windows?
User
Domain administrator
Power user
22. How to make the exclusion work on the computers immediately after Kaspersky Endpoint
Security is installed rather than after computers download the policy?
Move new computers to the group where the policy is configured before installing Kaspersky
Endpoint Security
Correct answerAdd a configuration file with the exclusion to the installation package of
Kaspersky Endpoint Security (you can export the settings on an already configured computer)
Export the policy to a file and copy it into the folder where the installation package files of
Kaspersky Endpoint Security are located
23. How can the administrator enable editing for all settings of the subgroup's policy? Select
all applicable solutions.
Correct answerClear the "Inherit settings from upper-level policy" check box in the group B
policy
Clear the "Force inheritance of settings in child policies" check box in the group A policy
24. How can they do it, supposing they have local administrator rights?Partiellement correct
1/2
Correct answerUninstall Network Agent and then disable automatic startup of Kaspersky
Endpoint Security 11.1
25. Select the correct statements about exclusions for files and folders in Kaspersky Endpoint
Security:
Correct answerYou can use environment variables, such as "%programfiles%"
Correct answerA folder’s path must end with "\"
Correct answerIt uses the trust levels explicitly specified in the policy
27. Which of the following components of Kaspersky Endpoint Security 11.1 for Windows
does not use the KSN technology?
Exploit Prevention
28. The administrator wants to prohibit notebooks from connecting to Wi-Fi while using a
wired connection. Which component of Kaspersky Endpoint Security can help to achieve
this?
Correct answerAnti-Bridging
Firewall
29. How can the administrator consult the list of domains with secure connection scan errors?
Only in the local interface of Kaspersky Endpoint Security on the user’s computer
Incorrect answerVia the Administration Console (in the computer properties), or in the local
interface of Kaspersky Endpoint Security
30. The administrator has decided to enable scanning for encrypted connections. Which
components of Kaspersky Endpoint Security will use it?
Correct answerWeb Threat Protection
Correct answerMail Threat Protection
31. What happens when the cloud mode is enabled for the protection components?
When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security
uses a lite version of anti-virus databases, but sends more requests to the KSN cloud
When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security
can send executable and non-executable files or their parts to the KSN cloud
Incorrect answerWhen the cloud mode is enabled for the protection components, Kaspersky
Endpoint Security sends extended statistical information to the KSN cloud and uses the full
version of anti-virus databases
32. The administrator wants to exclude operations performed by a particular user from the
scan scope of protection components of Kaspersky Endpoint Security 11.1 for Windows.
Which of the following components support this kind of exclusion?
File Threat Protection
Behavior Detection
33. What does the File Threat Protection scope include with the default settings?
Correct answerAll removable drives
Correct answerAll hard drives
Kernel Memory
After an unsuccessful synchronization, if the client computer does not receive an answer to
the command "ping <Administration Server address>"
Correct answerAfter three successive failed synchronizations with the Administration Server
or after all networks have been disconnected
35. Select the correct statements about Web Threat Protection of Kaspersky Endpoint
Security:
Correct answerIt scans data in outbound connections
Correct answerIt scans data in secure connections (SSL/TLS)
Correct answerIt scans HTTP and FTP protocols
36. Which of the following can File Threat Protection of Kaspersky Endpoint Security 11.1
for Windows do?
Correct answerScan files on drives on access
38. Which of the control components permit specifying different limitations for different users
within Kaspersky Endpoint Security 11.1 for Windows?
Correct answerApplication Control
This scenario cannot be implemented in Kaspersky Endpoint Security 11.1 for Windows
Create a category for Internet Explorer, create an allow rule for this category, and move it to
the bottom of the list of rules
Incorrect answerCreate a category for Internet Explorer, create a rule allowing the start of
programs of this category, and place it higher on the list than the rule that prohibits
"Browsers"
40. Which component of Kaspersky Endpoint Security 11.1 for Windows divides applications
into 4 groups: "Trusted", "Low Restricted", "High Restricted", and "Untrusted"?
Incorrect answerApplication Control
Exploit Prevention
Behavior Detection
41. The administrator wants to configure Device Control settings in the policy of Kaspersky
Endpoint Security 11.1 for Windows, but the control options are not displayed in the policy.
How should the administrator fix this?
Load a Kaspersky Endpoint Security for Business "Advanced" license into Kaspersky
Security Center
Correct answerOpen the Kaspersky Security Center interface settings and select the "Display
endpoint control settings" check box
Run a "Change application components" task and select the "Standard" installation type
instead of the "Basic installation" type
42. The administrator has included a USB flash drive in the list of trusted devices in the
Device Control policy of Kaspersky Endpoint Security 11.1 for Windows. Who can use this
drive?
Any user
Only the administrator who made the device trusted in the policy
43. Consider Kaspersky Endpoint Security for Windows (11.1.0). You want to block banners
on the web pages visited by the users. How can you achieve this?
Enable the option to block banner links in the Web Threat Protection settings
Correct answerCreate a rule in the Web Control settings to block the content category
"Banners"
44. Which of the control components of Kaspersky Endpoint Security 11.1 for Windows can
apply access rules on schedule?
Application Control
45. How can you make the Network Agent perform an unplanned synchronization from
the client side?
46. About which events does Kaspersky Security Center notify the administrator under the
default settings?
About all
About none
47. Kaspersky Security Center 11 uses a remote database. To make a backup copy of all data
stored in the database, the administrator needs to:
Correct answerJust run the "Backup of Administration Server data" task, everything will be
done automatically
Run the "klbackup.exe" utility on the computer where the database is located
Run the "klbackup.exe" utility on the Administration Server, but with the "–path" switch
48. Can the start of group update tasks be randomized in Kaspersky Security Center 11 to
avoid simultaneous connections of all client computers to the Administration Server?
Yes
Yes, but only if the "From 1000 to 5000 computers" or "More than 5000 computers" option
was selected during the installation of the Administration Server
Incorrect answerYes, but only if the computers are organized into several subgroups with
update tasks having different schedules
No
49. Where can you approve installation of a Maintenance Release of Kaspersky Endpoint
Security in the Kaspersky Security Center Web Console?
Operations | Kaspersky Lab applications | Kaspersky Lab software updates and patches
HTTP port 80
UDP ports 137 and 138, TCP ports 139 and 445
1. In which cases does the Administration Server update databases in the installation packages
of Kaspersky Endpoint Security
Correct answerWhen the administrator clicks the button "Update databases" in the package
properties
Correct answerWhen the package is created
2. How many concurrent active policies of Kaspersky Endpoint Security 11.1 for Windows
can there be within a single group?
If a computer is included in several groups, the policy of the group that is higher in the list is
applied
Incorrect answerIf a computer is included in several groups, the policy that is higher in the
Policies node is applied to it
4. Which port of the Administration Server do Network Agents connect to under the default
settings?
Correct answerTCP 13000
UDP 15000
TCP 13291
TCP 14000
Correct answerModify the Administration Server address in the properties of the Network
Agent installation package
6. Which of the following capabilities are implemented as group tasks in Kaspersky Endpoint
Security for Windows (11.1.0)?
Correct answerUpdate
Correct answerChange Application Components
8. How to make the exclusion work on the computers immediately after Kaspersky Endpoint
Security is installed rather than after computers download the policy?
Move new computers to the group where the policy is configured before installing Kaspersky
Endpoint Security
Correct answerAdd a configuration file with the exclusion to the installation package of
Kaspersky Endpoint Security (you can export the settings on an already configured computer)
Export the policy to a file and copy it into the folder where the installation package files of
Kaspersky Endpoint Security are located
9. When configuring a standalone installation package of Kaspersky Endpoint Security 11.1
for Windows in Kaspersky Security Center for computers that do not have access to the
network, how would you include custom protection settings into the package?
Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the necessary
settings to a file and copy this file into the folder that contains the standalone package files
Incorrect answerExport the settings from the local Kaspersky Endpoint Security interface and
copy this file into the folder where the standalone package is located
Export the settings from the local Kaspersky Endpoint Security interface and specify this file
as the configuration file in the properties of the regular installation package prior to creating a
standalone package
Export the policy of Kaspersky Endpoint Security 11.1 for Windows with the configured
settings to a file and specify this file as the configuration file in the properties of the regular
installation package prior to creating a standalone package
10. On which editions of Windows Server 2012 can Kaspersky Security Center 11
Administration Server be installed?
Correct answerFoundation
Correct answerEssentials
Correct answerStandard
Correct answerDatacenter
11. Select the correct statements about tasks in Kaspersky Security Center:Partiellement
correct 1/2
There may not be more than one task for the same application in a group
Incorrect answerTo make task settings enforced on the computers, the respective locks must
be closed
By default, subgroups’ tasks inherit settings of the parent group’s tasks (as far as tasks of the
same type are concerned)
Correct answerThe administrator can create a task for a set of computers belonging to
different groups
12. Which components are NOT available in Kaspersky Endpoint Security 11.1 for
Windows?
Web Control
BitLocker Management
13. Which functionality of Kaspersky Endpoint Security for Windows is NOT available under
the KESB Select license?
Correct answerFull Disk Encryption
Correct answerFile Level Encryption
Correct answerAdaptive Anomaly Control
Integrity Check
Device Control
14. The administrator has created a standalone installation package for Kaspersky Endpoint
Security and Network Agent. Select the correct statements about the standalone
package:Partiellement correct 1/2
Correct answerThe standalone package contains the Administration Server connection
parameters (from the settings of the Network Agent package)
Incorrect answerThe standalone package contains only the installation parameters, while the
files will be downloaded from the shared folder of the Administration Server during the
installation
The standalone package installs the Kaspersky Endpoint Security components that were
selected in the original package of Kaspersky Endpoint Security
The standalone package includes the username and password of an administrator, to enable a
non-administrator user to run it
15. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
User
Domain administrator
Correct answerLocal administrator
Power user
17. Which of the following database servers does Kaspersky Security Center 11 support?
256 MB
Incorrect answer512 MB
1024 MB
2048 MB
19. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
Third-party antiviruses
None
22. Which of the following ports must be opened in the firewall for the users to be able to
download the package using the automatically created link?
80 and 443
15,000
13291
Correct answer8061
Correct answer8060
23. Which of the following operating systems does Kaspersky Endpoint Security for
Windows (11.1.0) support?
Microsoft Windows XP
Clear the check box that allows the use of KSN in the properties of the Administration Server
It is not possible
Reinstall the Administration Server and choose not to use KSN in the Quick start wizard
Correct answerDisable the use of KSN in Kaspersky Endpoint Security 11.1 policy
25. How can the administrator consult the list of domains with secure connection scan errors?
Correct answerOnly in the local interface of Kaspersky Endpoint Security on the user’s
computer
Via the Administration Console (in the computer properties), or in the local interface of
Kaspersky Endpoint Security
26. A workstation is managed remotely through Kaspersky Security Center 11 with the
default settings. Which of the following events invoke pop-up notifications in the local
interface of Kaspersky Endpoint Security 11.1 for Windows?
An infected object has been detected
27. Select the correct statements about exclusions for files and folders in Kaspersky Endpoint
Security:
Correct answerYou can use environment variables, such as "%programfiles%"
Correct answerA folder’s path must end with "\"
30. Which access to network do programs get that belong to the Untrusted group on Microsoft
Windows 7 protected with Kaspersky Endpoint Security 11.1 under the default settings?
None, because the Host Intrusion Prevention component will block them
Carrying out the command "send heartbeat" that forces a synchronization with the Server
Starting the "klnagchk.exe" and "klmover.exe" utilities
32. Select the correct statements about how "File Threat Protection" safeguards a computer
with the default settings:Partiellement correct 1/2
Incorrect answerScans all file types
Scans all files, even those that have not been changed
33. The administrator is trying to find an optimal schedule for a virus scan task, but at any
moment of time either a large number of computers are off, or the users ask to disable
scanning because it slows down the computer. What would you advise?
Enable the mode "Concede resources to other applications" in the Kaspersky Endpoint
Security policy
Select the check box "Allow management of group tasks" in the Kaspersky Endpoint Security
policy to enable users start virus scanning manually
Correct answerEnable the mode "Scan when the computer is idling" in the task
34. Select the most correct description for the Remediation Engine component:
Incorrect answerIt intercepts software start attempts and blocks applications according to the
rules configured by the administrator
It logs actions taken by applications and can roll them back if the software demonstrates
dangerous activity patterns
35. What happens when the cloud mode is enabled for the protection components?
Correct answerWhen the cloud mode is enabled for the protection components, Kaspersky
Endpoint Security uses a lite version of anti-virus databases, but sends more requests to the
KSN cloud
When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security
can send executable and non-executable files or their parts to the KSN cloud
When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security
sends extended statistical information to the KSN cloud and uses the full version of anti-virus
databases
36. How does Host Intrusion Prevention select a trust level for a program?
Correct answerIt uses information from Kaspersky Security Network
Correct answerIt uses the trust levels explicitly specified in the policy
37. Which networks are Trusted in the Firewall policy of Kaspersky Endpoint Security 11.1
under the default settings?
Correct answerNone
127.0.0.1/32
38. If the "Block" action is selected for the USB bus in Device Control of Kaspersky Endpoint
Security 11.1 for Windows, and "Allow" for the "Removable drives" category, will the users
be able to access removable drives connected over USB?
No
Yes
Incorrect answerYes, but only the users who have Local Administrator privileges
This scenario cannot be implemented in Kaspersky Endpoint Security 11.1 for Windows
Create a category for Internet Explorer, create an allow rule for this category, and move it to
the bottom of the list of rules
Create a category for Internet Explorer, create a rule allowing the start of programs of this
category, and place it higher on the list than the rule that prohibits "Browsers"
40. You want to block the start of a program on Windows servers. How can you do it with
Kaspersky Endpoint Security 11.1 for Windows?
Application Control
Enable the option to block banner links in the Web Threat Protection settings
Correct answerCreate a rule in the Web Control settings to block the content category
"Banners"
43. What should be changed to prohibit this possibility without affecting any other USB
devices?
No way, such a device cannot be blocked by Kaspersky Endpoint Security 11.1 for Windows
44. Consider Kaspersky Endpoint Security 11.1 and Kaspersky Security Center 11. How can
you tell which "KL category" a particular executable file belongs to?Partiellement correct 1/2
Run the "klbackup.exe" utility on the computer where the database is located
Run the "klbackup.exe" utility on the Administration Server, but with the "–path" switch
46. A commercial license has expired in an organization, and the money for purchasing a new
license will be allocated only in a month. Which functions of Kaspersky Endpoint Security
11.1 for Windows will NOT work until the new license is in place?
Correct answerUpdate
It helps to modify the parameters that Network Agent uses to connect to the Administration
Server
Incorrect answerIt synchronizes the Network Agent’s settings with the Administration Server
48. How often do Network Agents synchronize settings with the Administration Server under
the default settings?
Every 5 minutes
Every 60 minutes
Every 30 minutes
About all
50. Where can you approve installation of a Maintenance Release of Kaspersky Endpoint
Security in the Kaspersky Security Center Web Console?
Operations | Kaspersky Lab applications | Kaspersky Lab software updates and patches