Certified Professional: Kaspersky Next EDR Optimum (047.12.

6)

Preguntas totales

3.33 / 30

Puntuación de la evaluación

11.1%

Puntuación de aprobación

70%

1.How can you prohibit employees from using the Dropbox

cloud-based file-sharing service, but permit use of other file-
sharing services?

In the Cloud Discovery component settings, prohibit access to all cloud

services that belong to the ‘File sharing’ category

In the Cloud Discovery component settings, select the Block action for
the Dropbox service

Prohibit installation of Dropbox client applications on managed devices

2.For which type of Kaspersky Security Center installation is it

possible to create a “Perform Windows Update synchronization”
task?

For an on-premises installation only

For any installation

For a cloud-based installation only

3.The Kaspersky Security for Microsoft Office 365 administrator

created two policies for Exchange Online. The Anti-Spam module
is disabled in one of these policies, and enabled in the other.
The policy where Anti-Spam is disabled has a higher priority.
Will the Anti-Spam module scan a message whose recipient is
included in the list of protected users in both Exchange Online
policies and why?

The message will be scanned because the fact that Anti-Spam is enabled
in one policy and disabled in the other is more important than priority

The message will NOT be scanned because the policy where Anti-Spam
is disabled has a higher priority
Depends on the Microsoft Defender policy settings: you cannot disable
Anti-Spam in Kaspersky Security for Microsoft Office 365 unless you do
the same in Microsoft Defender

4.The administrator has enabled testing for Windows updates in

the “Install required updates and fix vulnerabilities” task. How
does Kaspersky Security Center check the test results?

It checks if Kaspersky Endpoint Security has sent any critical events from
the test computers

It checks if Network Agent has sent any critical events from the test
computers

It checks the Windows event log for critical events on the test computers

Kaspersky Security Center does not check the installation results of

Windows updates; that is the administrator’s responsibility

5.How can you stop isolating a computer from the network?

Remove the tag ‘Isolated from network’

Click the button ‘Unblock computer isolated from the network’ in the
detection card and remove the tag ‘Isolated from network’

Click the button ‘Unblock computer isolated from the network’ in the
detection card

Click the button ‘Unblock computer isolated from the network’ in the
settings of the Kaspersky Endpoint Security for Windows application in
the device properties

6.What do you need to do to be able to scan your Microsoft 365

cloud storage using the Data Discovery component?

Enable the Data Discovery component

Provide credentials of your Microsoft 365 global administrator account

In the settings of the Data Discovery component, specify the domain

name of your Microsoft 365 organization

Add the ‘Kaspersky DLP scanner’ application to your Microsoft 365

workspace using the global administrator account

7.The administrator clicks the button ‘Isolate computer from the

network’ in an alert card that reports malicious activity on the
Alex machine. Which of the following will isolate Alex from the
network?

The Firewall component of Kaspersky Endpoint Security

Windows Firewall

Network Agent

Endpoint Detection and Response Optimum

8.Where can information about the applications installed on

client computers be obtained?

From the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

registry branch

From the HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\

CurrentVersion\Uninstall registry branch

From the HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

registry branch

From the HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\

CurrentVersion\Uninstall registry branch

9.How can you find all computers that are isolated from the
network?

In the Managed devices menu by the value "Yes" in the column "Isolated
from the network"

In the Managed devices menu using the tag ‘Isolated from network’

Isolated computers are added to a special group ‘Isolated from network’

10.Regarding the Vulnerability and Patch Management

functionality of Kaspersky Security Center, for which type of
updates is the “Crossover of updates" tab available in the
properties?

Microsoft updates

For all updates

Third-party updates

For no updates
11.With regards to the Vulnerability and Patch Management
functionality of Kaspersky Security Center, the Download
updates to device without installing option is selected in
the properties of the “Install required updates and fix
vulnerabilities” task. Where will the downloaded updates be
stored?

In the %ProgramData%\KasperskyLab\adminkit folder on

the Administration Server

Windows updates and updates for third-party applications will be

downloaded to the client computer, to the folder specified in the task
settings

Only third-party updates will be downloaded to the folder specified in

the task settings

Only Windows updates will be downloaded to the folder specified in

the task settings

In the KLSHARE folder on the Administration Server

12.Is there a list of programs whose licenses can be controlled

with the Third-Party License Usage functionality in Kaspersky
Security Center?

No, the administrator manually specifies the path to each application’s

folder

Yes, in the “Executable files” section

Yes, in the “Applications registry” section

13.Which of the following device types can be displayed in

the Hardware section?

Computers

Mobile devices

Administration Servers

Distribution Points

Network devices

Network storages
14.In which two cases might it be useful to create a “Rule for all
updates” in an “Install required updates and fix vulnerabilities”
task?

When all updates approved by the administrator need to be installed

When installing updates for third-party applications

When only Microsoft updates need to be installed

When vulnerabilities need to be fixed based on their severity level

If Kaspersky Security Center is used as a WSUS server

If you need to install updates for all applications, including those whose
settings have the “Automatic Update status” option set to “Blocked”

15.The Alex machine has been isolated from the network. Now
you want to obtain a suspicious executable file for additional
analysis without deleting the original file from the isolated
computer. How can this be done?

Create and run a ‘Move file to Quarantine’ task

Create and run a ‘Get file’ task

You cannot obtain a file from an isolated computer using Endpoint

Detection and Response Optimum tools

16.Which built-in tools can the administrator use to remotely

access managed computers from Kaspersky Security Center?

Connect to Remote Desktop

Windows Desktop Sharing

Team Viewer

VNC Viewer

DameWare remote administration tool

17.What information is displayed for each object detected in the

organization's Microsoft 365 cloud storages when you work in
Kaspersky NEXT Pro View Console?

Last modification timestamp

Number of sensitive information items found in the file

Name of the service where the file was detected

Category of sensitive data detected in the file

18.Which of the following licenses enable customers to use the

Data Discovery functionality?

Kaspersky Next EDR Foundations

Kaspersky Next EDR Optimum

Kaspersky Next XDR Expert

19.The administrator uses Kaspersky Security Center as a WSUS

server. Which data does the “Perform Windows Update
synchronization” task download?

All available Windows updates

All Windows updates missing from the client computers

Metadata about the available Windows updates

There is an option in the task settings that allows you to select what to
download: updates or metadata

20.A third-party vulnerability and patch management tool is

used in the company. The administrator wants to disable the
gathering of data about vulnerabilities and installed
applications in Kaspersky Security Center to reduce traffic. How
can this be done?

Uninstall the Vulnerability Monitor component from client computers

Disable the sending of data about installed applications and

vulnerabilities in the Network Agent policy

Clear the Display Vulnerability and Patch Management checkbox in the

Kaspersky Security Center Administration Console

It is impossible

21.With regards to the Third-Party License Usage functionality

in Kaspersky Security Center, what will happen if the installation
limit is exceeded for a Licensed applications group?

When users run the application, they will see a pop-up warning about a
license violation
Launch of the application will be blocked on client computers

Installation of the application will be blocked on client computers

Kaspersky Security Center will log the corresponding event

22.Which applications can an “Uninstall application remotely”

task remove automatically?

Any applications

Any .msi applications

Any .exe applications

Any applications for which information about silent uninstallation is

available in the Kaspersky database of third-party applications

23.Which threats can the Anti-Spam module of Kaspersky

Security for Microsoft Office 365 repel?

Business Email Compromise (BEC)

Email address spoofing

Messages with business offers

Malicious links

List linking attacks

24.In the Vulnerability and Patch Management functionality of

Kaspersky Security Center, the “Install required updates and fix
vulnerabilities” task is based on rules. What type of rules are
suitable for installing third-party application updates released
within a specific period of time?

Rule for all updates

Rule for Windows Update

Rule for third-party updates

None

25.Select the prerequisites for the creation of an IOC Scan task

from an alert card in Endpoint Detection and Response Optimum

The Quarantine action has been performed for a malicious file

The alert card contains information either about a file with the MD5
checksum or about a started process

The alert card contains at least 2 events suitable for IOC creation

Alert is not older than one month from the date of creation

26.In which of the following services will the Data Discovery

component detect files with sensitive data if you use a
workspace in Kaspersky NEXT Pro View Console?

OneDrive

Exchange Online

SharePoint

Microsoft Teams (file sharing via a chat)

27.Which response actions can an administrator perform

remotely using Endpoint Detection and Response Optimum
functionality?

Quarantine a file

Kill a process

Delete a file

All of the above

28.You are using an on-premises Kaspersky Security Center Web

Console activated by a Kaspersky Next EDR Optimum license
key. What Cloud Discovery functionality is available to you?

View and download detailed reports on the use of cloud services

Block cloud services

View information about the risk level of using a cloud service

None of the above, the Cloud Discovery component is not available

under this license

29.The administrator wants to create an installation package for

the Mozilla Firefox browser using the database of third-party
applications available in Kaspersky Security Center. However,
the list of programs is empty in the package creation wizard.
Why?
The “Download updates to the repository” task has never been run on
the Administration Server

There is no Kaspersky Next EDR Optimum license on the Administration

Server

The “Perform Windows Update synchronization” task has never been run
on the Administration Server

30.What data about a file will a Kaspersky NEXT Pro View

Console administrator see if a user of their Microsoft 365
organization emails (via Exchange Online) a DOCX document
that contains a tax identification number and a credit card
number of a German citizen?

Data categories: IDs

Data categories: Cards, IDs

Service name: SharePoint

The file will not be detected