Scribd
Upload
964 views38 pages

Kaspersky Security Center FAQ

When the extended KSN mode is enabled in Kaspersky Security Center, it switches to KSN Proxy mode and starts caching requests sent to the KSN cloud. Extended statistical information, executable and non-executable files or their parts may also be sent. Kaspersky Security Center establishes a persistent communication channel to the KSN cloud and caches some information from the KSN cloud locally.

Uploaded by

Mecachis Piachis
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
964 views38 pages

Kaspersky Security Center FAQ

When the extended KSN mode is enabled in Kaspersky Security Center, it switches to KSN Proxy mode and starts caching requests sent to the KSN cloud. Extended statistical information, executable and non-executable files or their parts may also be sent. Kaspersky Security Center establishes a persistent communication channel to the KSN cloud and caches some information from the KSN cloud locally.

Uploaded by

Mecachis Piachis
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 38

Question 1

What happens when the extended KSN mode is enabled?

When the extended KSN mode is enabled, Kaspersky Security Center switches to the KSN Proxy mode and starts caching all
requests sent to the KSN cloud

When the extended KSN mode is enabled, extended statistical information is sent to the KSN cloud; executable and non-
executable files or their parts can also be sent

When the extended KSN mode is enabled, Kaspersky Security Center establishes a persistent communication channel to the KSN
cloud and caches part of the information from the KSN cloud on the local drive

Question 2
What is the purpose of virus scan tasks, if File Threat Protection is permanently running on the computers with the default settings?

They scan disk boot sectors

They scan files within archives, and thus decrease the risk of spreading infected files inadvertently

They scan files of all formats, and thus decrease the risk of spreading infected files inadvertently

They scan files on removable and network drives

Question 3
Consider Kaspersky Endpoint Security 11 for Windows. Which of the following user actions can be limited with the help of password
protection configured in the policy?

Exit Kaspersky Endpoint Security

Stop Kaspersky Endpoint Security service

Disable control components

Uninstall Kaspersky Endpoint Security

Delete the key

Question 4
When does the Administration Server send packets to the UDP port of the Network Agent?

Periodically (by default, once every 15 min)

At the administrator’s command Force synchronization

When the administrator creates a report

When the administrator adjusts settings applicable to the computer

Question 5
What does the network size selected in the Kaspersky Security Center Administration Server installation wizard influence?

The schedule of group tasks

The limit of events in the Administration Server database

The Administration Console interface settings

The synchronization interval in the KSC Network Agent policy


Question 6
Where can you find the list of computers blocked by the Network Threat Protection component?

In the local interface of Kaspersky Endpoint Security, in the Network Monitor window that you can open via the shortcut menu of
the Network Threat Protection component

In the local interface of Kaspersky Endpoint Security, in the Network Monitor window that you can open from the Protection
Componentswindow

In Kaspersky Security Center Administration Console, in the properties of the attacked computer, in the statistics window of the
Kaspersky Endpoint Security for Windows application

In Kaspersky Security Center Administration Console, in the node Advanced \ Repositories \ Quarantine

Question 7
Which networks are Trusted in the Firewall policy of Kaspersky Endpoint Security 11 under the default settings?

None

127.0.0.1/32

192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8

The networks to which the Administration Server is connected

Question 8
How to create a new installation package for Kaspersky Endpoint Security in the Kaspersky Security Center console?

Open the folder with installation packages and make a copy of the directory that contains a Kaspersky Endpoint Security package

Start the package creation wizard and specify the folder that contains Kaspersky Endpoint Security installation files, which must
include the description file with the .kud extension

Start the package creation wizard and specify the self-extracting installer of Kaspersky Endpoint Security, which can be
downloaded from the Kaspersky Lab website

Open the list of current application versions in Kaspersky Security Center Administration Console, select the necessary version of
Kaspersky Endpoint Security, and click the button Download and create installation package

Question 9
If the administrator mistyped the Administration Server address in the installation wizard, where can this address be modified in the
Administration Console?

In the properties of the Network Agent installation package

In the properties of the installation package of Kaspersky Endpoint Security

In properties of the node Advanced \ Remote installation \ Installation packages

In the properties of the Administration Servernode

Question 10
What does the Firewall do with a packet if cannot find a matching rule for it neither among packet rules, nor among rules for
applications?

Allows

Blocks
Prompts the user

The Firewall can always find a matching rule for a packet

Question 11
What version of SQL server is included in the Kaspersky Security Center 10 SP3 Administration Server distribution?

Microsoft SQL Server 2008 R2 Express

Microsoft SQL Server 2014 Express

Microsoft SQL Server 2016 Compact

None of the above

Question 12
What does a closed lock mean near a parameter in a group policy of Kaspersky Endpoint Security?

This parameter cannot be changed in the local interface of Kaspersky Endpoint Security

This parameter cannot be changed in the subgroups’ policies (unless inheritance is disabled)

This parameter can be changed only by the administrator who created the policy

This parameter is password-protected

Question 13
Installation on which virtual platforms does the Kaspersky Security Center 10 Administration Server support?

VMware vSphere

Microsoft Hyper-V Server

Citrix XenServer

KVM

VMware Workstation

Oracle VM VirtualBox

Parallels Desktop

Question 14
When does Network Agent connect to the Administration Server?

When a packet arrives to the Agent’s UDP port from the Server

When there is an event to be sent to the Server

Periodically (by default, once every 15 min)

When the user logs on to the system

Question 15
An administrator of ABC Inc. needs to remotely install Network Agent and Kaspersky Endpoint Security on five notebooks, which have
different local administrator accounts and are not on the domain. What would you advise?
Create an individual remote installation task for each notebook

Create a single remote installation task and specify accounts of all administrators there

Create a single remote installation task and run it five times; change the target computer and the administrator account every
time

Question 16
Which network polling methods are enabled by default in Kaspersky Security Center 10 Administration Server?

Quick Windows Network Poll

Full Windows Network Poll

Active Directory polling

IP range polling

Question 17
The network is protected with Kaspersky Endpoint Security 11 and managed with Kaspersky Security Center 10. The administrator has
cleared the check box Display program interface in the Kaspersky Endpoint Security policy 11 for Windows. What CANNOT be hidden
from the user?

Started processes of Kaspersky Endpoint Security

Started services of Kaspersky Endpoint Security

Kaspersky Endpoint Security in the list of installed programs

Kaspersky Endpoint Security icon in the notification area

Kaspersky Endpoint Security shortcut in the Startmenu

Question 18
Which resources, when blocked by the control components of Kaspersky Endpoint Security 11 for Windows, can be temporarily
allowed with the help of a special access key provided by the administrator?

Devices

Software

Web resources

None of the above

Question 19
Which of the following installation methods does NOT work if the computer’s shared folders are NOT accessible over the network?

Remote deployment using Windows resources

Installation from a standalone package

Remote installation using Active Directory

Installation using Network Agent

Question 20
Which component of Kaspersky Endpoint Security 11 for Windows except Web Threat Protection takes part in protection against
phishing?
File Threat Protection

Mail Threat Protection

Web Control

None of the above

Question 21
Which of the following threats does Web Threat Protection repel?

Attempts to download malicious files

Attempts to open a phishing website

Attempts to open a malicious website

Attempts to establish a secure connection to a website whose certificate is not trusted

Question 22
Which of the following components of Kaspersky Endpoint Security 11 for Windows does not use the KSN technology?

File Threat Protection

Virus Scan tasks

Exploit Prevention

Web Threat Protection

Network Threat Protection

Question 23
Where are installation logs of Kaspersky Endpoint Security and Network Agent stored after a remote installation?

In %ProgramData%\Kaspersky Lab

In the user’s %Temp% folder

In the system %Temp% folder

In the root of the system drive

Question 24
Consider a network protected with Kaspersky Endpoint Security 11 and managed through Kaspersky Security Center 10.
There is a group update task scheduled to start When new updates are downloaded to the repository. The databases are regularly
updated in the repository, but the group task starts on the client computers only after a planned synchronization rather than
immediately. Why?

UDP port 15000 is inaccessible on the client computer (for example, blocked by the firewall)

UDP port 15000 is inaccessible on the Administration Server (for example, blocked by the firewall)

Update agent is not assigned to the group

It is intended to function in this manner

Question 25
What happens when the cloud mode is enabled for the protection components?
When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security uses a lite version of anti-virus
databases, but sends more requests to the KSN cloud

When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security sends extended statistical
information to the KSN cloud and uses the full version of anti-virus databases

When the cloud mode is enabled for the protection components, Kaspersky Endpoint Security can send executable and non-
executable files or their parts to the KSN cloud

Question 26
Which of the following components of Kaspersky Endpoint Security 11 for Windows provides proactive defense against unknown
threats by analyzing the sequence of actions performed by a program?

Application Control

Host Intrusion Prevention

Behavior Detection

Question 27
Consider group A that contains a policy of Kaspersky Endpoint Security 11. Group A has subgroup B, which also contains a policy of
Kaspersky Endpoint Security 11. Which settings can be edited in the policy of group B?

Any

Only those parameters that are NOT locked in the policy of group A

Only those parameters that are locked in the policy of group A

Question 28
A third-party antivirus application has been incorrectly uninstalled on a few computers. Kaspersky Endpoint Security installation task
finds its registry keys and returns an error. The administrator wants to make the task ignore incompatible applications. How to achieve
this?

Clear the check box Uninstall incompatible applications automatically in the properties of the installation task

Clear the check box Uninstall incompatible applications automatically in the properties of the installation package of Kaspersky
Endpoint Security

Clear the check box Uninstall incompatible applications automatically in the properties of the installation package of Kaspersky
Network Agent

You cannot do it through the Kaspersky Security Center Console

Question 29
A computer running Windows 2012 Server is protected with Kaspersky Endpoint Security 11 having the default settings. The
administrator wants to use it as a print server, but no prints are being successful. What would be the reason for this?

Application Control blocks the start of the print server program

Host Intrusion Prevention blocks the main process of the print server

Firewall blocks network activity of the print server

The printer is blocked by Device Control

Question 30
Which of the following components of Kaspersky Endpoint Security 11 for Windows can block executable file start?
Behavior Detection

Application Control

Host Intrusion Prevention

Device Control

Question 31
Consider Kaspersky Endpoint Security 11 and Kaspersky Security Center 10. How can you tell which KL category a particular executable
file belongs to?

Consult the Executable files repository in the Administration Console

Consult the Application categories node in the Administration Console

Consult the Application Activity Monitor in the local interface of Kaspersky Endpoint Security 11

None of the above

Question 32
With which utility can you check connection between the Network Agent and the Administration Server and synchronize their
settings?

klmover.exe

klnagchck.exe

GetSystemInfo.exe

Question 33
Which program types does the installer of Kaspersky Security Center Network Agent consider incompatible and try to uninstall?

Third-party antiviruses

Third-party agents (such as ePO Agent)

Third-party backup tools

Third-party remote management tools (such as TeamViewer, VNC, RemoteAdmin)

None

Question 34
What does the File Threat Protection scope include with the default settings?

All removable drives

All hard drives

All network drives

Kernel Memory

Question 35
Under which conditions does Kaspersky Endpoint Security switch to the out-of-office mode with the default settings?

None. Conditions are not specified by default


After an unsuccessful synchronization with the Administration Server

After three unsuccessful synchronizations with the Administration Server or after all networks have been disconnected

Question 36
The administrator wants to configure the policy of Kaspersky Endpoint Security 11 for Windows to prohibit the use of all browsers
except Internet Explorer in the company. For this purpose, he or she creates an application category named Browsers, which coincides
with the Web Browsers KL category, and prohibits its start. How should the administrator configure the exclusion for Internet
Explorer?

Create an exclusion for Internet Explorer in the created Browsers category

Create a category for Internet Explorer, create a rule allowing the start of programs of this category and place it higher on the list
than the rule that prohibits Browsers

Create a category for Internet Explorer, create an allow rule for this category, and move it to the bottom of the list of rules

This scenario cannot be implemented in Kaspersky Endpoint Security 11 for Windows

Question 37
Kaspersky Security Center 10 uses a remote database. To make a backup copy of all data stored in the database, the administrator
needs to:

Just run the Backup of Administration Server data task, everything will be done automatically

Run the klbackup.exe utility on the computer where the database is located

Run the klbackup.exe utility on the Administration Server, but with the –path switch

None of the above

Question 38
Consider Kaspersky Security Center 10. What data is included into a backup copy of the Administration Server created with a
dedicated Kaspersky Security Center task?

The structure of managed computers

Regular (not stand-alone) application installation packages

The Administration Server database

The contents of the Updates repository

Question 39
Which of the following can the Mail Threat Protection component of Kaspersky Endpoint Security 11 for Windows do?

Scan webmail traffic

Filter e-mail attachments

Scan SMTP/POP3/IMAP/NNTP traffic

Scan MAPI traffic in Microsoft Office Outlook


Question 40
On a computer where Administration Server is installed, the hard drive has failed and the data has been lost. Fortunately, the
administrator has a backup copy of the Administration Server configuration and data, which was created by standard tools of
Kaspersky Security Center 10. How can the administrator start the recovery procedure?

Use the recovery mode in the installation wizard of the Administration Server

Use the recovery mode in the Quick Start wizard of the Administration Server

Run the “Restore from backup” task in the Administration Console

Use a special utility for backup and restore

Pagina IV-56

Question 41
How to make the Network Agent perform an unplanned synchronization from the client side?

Carry out the command klnagchk without parameters

Carry out the command klnagchk -sync

Carry out the command klnagchk -sendhb

It is impossible

Question 42
Which of the listed below is a known limitation of the Web Control component in Kaspersky Endpoint Security 11?

It can’t block content by data type over an https connection

It can’t block any website accessed over an https connection

It works only with the mainstream web browsers, such as Internet Explorer, Mozilla Firefox, Google Chrome

None of the above

Question 43
Which connections are High Restricted applications prohibited from establishing in Trusted networks under the default settings?

None

DNS requests and connections over mail protocols

DNS, e-mail, remote desktop connections, and ICMP protocol

All

Question 44
Which updates will be downloaded to the Administration Server repository by default in Kaspersky Security Center 10?
Only Kaspersky Endpoint Security 11 for Windows

Only for the Kaspersky Lab applications installed on the client computers and those for which there are installation packages in
the repository

Only for the components used by the Kaspersky Lab applications on the client computers

For the applications whose plugins are installed on the Administration Server

Question 45
Which of the following installation methods does NOT work if the computer is NOT on the domain?

Remote deployment using Windows resources

Installation from a standalone package

Remote installation using Active Directory

Installation using Network Agent

Question 46
You need a standalone installation package of Kaspersky Endpoint Security 11 that automatically uninstalls incompatible applications.
How would you create one in Kaspersky Security Center 10?

Any standalone installation package of Kaspersky Endpoint Security 11 automatically uninstalls incompatible applications

Select the check box Uninstall incompatible applications automatically in the properties of the standalone installation package

Select the check box Uninstall incompatible applications automatically in the properties of the normal installation package of
Kaspersky Endpoint Security 11 prior to creating a standalone installation package

Select the check box Uninstall incompatible applications automatically in the properties of the normal installation package of
Kaspersky Network Agent prior to creating a standalone installation package

Question 47
A workstation is managed remotely through Kaspersky Security Center 10 with the default settings. Which of the following events
invoke pop-up notifications in the local interface of Kaspersky Endpoint Security 11 for Windows?

Threats have been detected

Suspicious object detected

Network attack detected

Application startup prohibited

Question 48
Which permission is to be given to a trusted process in Trusted zone of Kaspersky Endpoint Security to make File Threat Protection
NOT scan files the process accesses?

Do not scan opened files

Do not monitor application activity

Do not block interaction with the application interface

Special permissions are not necessary, File Threat Protection does not scan any files accessed by trusted processes
Página II-21

Question 49
A network is protected with Kaspersky Endpoint Security 11 for Windows and managed by Kaspersky Security Center 10 with the
default settings. The administrator disabled displaying the Kaspersky Endpoint Security interface on clients. Users have discovered the
KES folders on the hard drive and decided to try to get rid of the protection. How can they do it, supposing they have local
administrator rights?

Uninstall Kaspersky Endpoint Security

Uninstall Network Agent and then disable automatic startup of Kaspersky Endpoint Security 11

Terminate the process of Kaspersky Endpoint Security

Stop the service of Kaspersky Endpoint Security

Question 50
Which component is NOT available in Kaspersky Endpoint Security 11 for Windows?

Firewall

Device Control

File and Folder Backup

Full Disk Encryption

1. How to make the exclusion work on the computers immediately after Kaspersky Endpoint Security is installed rather than after
computers download the policy?
The administrator has found out that Kaspersky Endpoint Security conflicts with homeware, and added an exclusion to the policy.

Move new computers to the group where the policy is configured before installing Kaspersky Endpoint Security

Set the Network Agent’s synchronization interval to 0 minutes

Add a configuration file with the exclusion to the installation package of Kaspersky Endpoint Security (you can export the settings
on an already configured computer)
Export the policy to a file and copy it into the folder where the installation package files of Kaspersky Endpoint Security are
located

2. How does the remote installation task of Kaspersky Endpoint Security for Windows 11 behave by default if a third-party protection
application is detected on a computer?

Installs Kaspersky Endpoint Security, but completes with a warning that the third-party protection application must be uninstalled

Returns an error and prompts the administrator to uninstall the application manually

Prompts the user whether to uninstall the third-party protection application

Uninstalls the third-party protection application automatically and proceeds with the installation

3. You need a standalone installation package of Kaspersky Endpoint Security 11 that automatically uninstalls incompatible
applications. How would you create one in Kaspersky Security Center 10?

Any standalone installation package of Kaspersky Endpoint Security 11 automatically uninstalls incompatible applications

Select the check box "Uninstall incompatible applications automatically" in the properties of the standalone installation package

Select the check box "Uninstall incompatible applications automatically" in the properties of the normal installation package of
Kaspersky Endpoint Security 11 prior to creating a standalone installation package

Select the check box "Uninstall incompatible applications automatically" in the properties of the normal installation package of
Kaspersky Network Agent prior to creating a standalone installation package

4. The Administrator has configured the Kaspersky Endpoint Security 11 installation package to perform a Basic installation. Which of
the following components will be installed on workstations?

Host Intrusion Prevention

Application Control

Device Control

Behavior Detection

Exploit Prevention

Firewall

Remediation Engine

5. Select the correct statements about the KL-AK-<alphanumeric combination> account created by the installation wizard of Kaspersky
Security Center Administration Server:El número máximo de respuestas ha sido seleccionado

It is included in the BUILTIN\Administrators group

It cannot be used to log on to the system locally

It has the same permissions as the BUILTIN\Administrators group

It is included in the Domain Admins group


It is included in the KLAdmins group

6. Installation on which of the following operating systems does Kaspersky Endpoint Security for Windows 11 support?El número
máximo de respuestas ha sido seleccionado

Microsoft Windows 8.1

Microsoft Windows 10

Microsoft Windows Vista

Microsoft Windows 7

Microsoft Windows 8

Microsoft Windows XP

7. Which level of permissions is required to be able to install Kaspersky Endpoint Security 11 for Windows on the computer?

User

Power user

Local administrator

Domain administrator

8. How to achieve this?


A third-party antivirus application has been incorrectly uninstalled on a few computers. Kaspersky Endpoint Security installation task
finds its registry keys and returns an error. The administrator wants to make the task ignore incompatible applications.

Clear the check box "Uninstall incompatible applications automatically" in the properties of the installation package of Kaspersky
Network Agent

Clear the check box "Uninstall incompatible applications automatically" in the properties of the installation task

Clear the check box "Uninstall incompatible applications automatically" in the properties of the installation package of Kaspersky
Endpoint Security

You cannot do it through the Kaspersky Security Center Console

9. On which Windows Server 2012 editions can Kaspersky Security Center 10 Administration Server be installed?

Standard edition

Enterprise edition

Datacenter edition

None of the above

10. If the administrator mistyped the Administration Server address in the installation wizard, where can this address be modified in
the Administration Console?El número máximo de respuestas ha sido seleccionado

In the properties of the installation package of Kaspersky Endpoint Security


In the properties of the Administration Server node

In the properties of the Network Agent installation package

In properties of the node Advanced \ Remote installation \ Installation packages

11. What does a closed lock mean near a parameter in a group policy of Kaspersky Endpoint Security?El número máximo de
respuestas ha sido seleccionado

This parameter cannot be changed in the local interface of Kaspersky Endpoint Security

This parameter cannot be changed in the subgroups’ policies (unless inheritance is disabled)

This parameter can be changed only by the administrator who created the policy

This parameter is password-protected

12. Which program types does the installer of Kaspersky Security Center Network Agent consider incompatible and try to uninstall?

Third-party backup tools

Third-party remote management tools (such as TeamViewer, VNC, RemoteAdmin)

Third-party agents (such as ePO Agent)

None

Third-party antiviruses

13. Installation on which of the following operating systems does Kaspersky Endpoint Security for Windows 11 support?El número
máximo de respuestas ha sido seleccionado

Microsoft Windows Server 2012 Foundation

Microsoft Small Business Server 2011

Microsoft Windows Embedded Standard 7

Microsoft Windows Server 2012 R2 (Server Core)

14. Where does Kaspersky Security Center store events of the computers that the administrator can see in the reports?

In an SQL/MySQL database

In the Windows Event Log

In Kaspersky Security Network

In text event logs

15. Which of the following database servers can Kaspersky Security Center work with?El número máximo de respuestas ha sido
seleccionado

Microsoft SQL
MySQL

Oracle

PostgreSQL

DB2

16. Which of the following installation methods does NOT work if the computer’s shared folders are NOT accessible over the network?

Remote installation using Active Directory

Remote deployment using Windows resources

Installation from a standalone package

Installation using Network Agent

17. The administrator has disconnected an old computer from the network. When will its record disappear from the Network
poll\Domains node in the Administration Console, provided the Administration Server has the default settings?

After the next quick Windows network poll

After the next full Windows network poll

In 60 days

In 7 days

18. The administrator has created a standalone package. Which of the following ports must be opened in the firewall for the users to
be able to download the package using the automatically created http link?
Kaspersky Security Center 10 Administration Server is protected with a third-party firewall.

15000

8060 and 8061

13291

80 and 443

19. Consider Kaspersky Security Center 10. There is an Automatic installation task created for the Kaspersky Network Agent in the
Managed devices group. However, you want to exclude one of the subgroups from automatic installation. Is this possible?

Yes, you can set this up in the Automatic installation section in the group properties

Yes, you can set this up in the Exclusions from task scope section in the task settings

This is not possible for the automatic installation task of the Kaspersky Network Agent

No, because Automatic installation tasks don’t have exclusion settings

21. Which of the following remote installation methods can be used in the Install Application remotely task in Kaspersky Security
Center 10 when the Network Agent is not selected to be deployed?El número máximo de respuestas ha sido seleccionado
Using operating system tools: shared folders and remote procedure call (RPC)

Using Logon Scripts in the Active Directory

Using Network Agent

Using Group Policy Objects (GPO) in the Active Directory

22. When configuring a standalone installation package of Kaspersky Endpoint Security 11 for Windows in Kaspersky Security Center
10 for computers that do not have access to the network, how would you include custom protection settings into the package?

Export the policy of Kaspersky Endpoint Security 11 for Windows with the necessary settings to a file and copy this file into the
folder that contains the standalone installation package files

Export the policy of Kaspersky Endpoint Security 11 with the configured settings and specify this file as the configuration file in
the properties of the regular installation package prior to creating a standalone package

Export the settings from the local Kaspersky Endpoint Security 11 interface and specify this file as the configuration file in the
properties of the regular installation package prior to creating a standalone package

Export the settings from the local Kaspersky Endpoint Security 11 interface and copy this file into the folder where the standalone
package is located

23. Installation on which virtual platforms does the Kaspersky Security Center 10 Administration Server support?

VMware Workstation

Citrix XenServer

VMware vSphere

KVM

Microsoft Hyper-V Server

Parallels Desktop

Oracle VM VirtualBox

CANCELARRESTABLECERSIGUIENTEENVIAR

24. A network is protected with Kaspersky Endpoint Security 11 for Windows and managed by Kaspersky Security Center 10 with the
default settings. What should the administrator do to completely prohibit disabling the protection without hiding it?

Set a password for uninstalling Kaspersky Endpoint Security

Set a password for pausing protection

Prohibit stopping the Kaspersky Endpoint Security service

Block access to the Kaspersky Endpoint Security process


25. The administrator wants to prohibit notebooks from connecting to Wi-Fi while using a wired connection. Which component of
Kaspersky Endpoint Security can help to achieve this?

Firewall

Host Intrusion Prevention

Anti-Bridging

26. Select the correct statements about Web Threat Protection of Kaspersky Endpoint Security:El número máximo de respuestas ha
sido seleccionado

It scans data in secure connections (SSL/TLS)

It scans HTTP and FTP protocols

It scans data in inbound connections established from outside

It scans data in outbound connections

27. Which compound objects does File Threat Protection scan under the default settings?

Archives

None

Office files

Installation packages

28. Which of the following components of Kaspersky Endpoint Security 11 for Windows provides proactive defense against unknown
threats by analyzing the sequence of actions performed by a program?

Behavior Detection

Host Intrusion Prevention

Application Control

29. How can you exclude a file from the File Threat Protection scope?

Set the maximum file scan time

Add the certificate with which files are signed to the computers’ certificate store and configure an exclusion for this store

Modify the protection scope of File Threat Protection

Add the program that accesses files to the list of trusted processes

Add the path to the file or folder to the list of exclusions

30. Which parameters do you need to disable in the policy to stop Kaspersky Endpoint Security from sending extended statistical
information and files or their parts to the KSN cloud?

Kaspersky Security Network


Use of KSN Proxy

Cloud mode for protection components

Extended KSN mode

31. Select the most correct description for the Host Intrusion Prevention component:

It monitors file operations and scans files being accessed

It logs actions taken by applications and blocks applications that demonstrate dangerous activity patterns

It intercepts software start attempts and blocks applications according to the rules configured by the administrator

It analyzes individual operations performed by applications and prohibits little-known applications from taking potentially
dangerous actions

32. What does the File Threat Protection scope include with the default settings?

All network drives

All removable drives

All hard drives

Kernel Memory

33. Consider Kaspersky Endpoint Security 11 for Windows. When the Behavior Detection component recognizes dangerous activities,
which of the following actions can it take?El número máximo de respuestas ha sido seleccionado

Delete the file

Move the file to Quarantine

Terminate the program

Disinfect

34. Which of the following components of Kaspersky Endpoint Security 11 for Windows do NOT scan files?El número máximo de
respuestas ha sido seleccionado

Network Threat Protection

BadUSB Attack Prevention

Mail Threat Protection

Web Threat Protection

35. How should the administrator disable the use of KSN in the Kaspersky Endpoint Security 11 on the client computers?
The administrator selected to accept KSN statement and allow the use of KSN in the Quick Start Wizard during the installation of the
Kaspersky Security Center 10 Administration Server. Later, the management decided to opt out of using KSN.

Reinstall the Administration Server and choose not to use KSN in the Quick start wizard
Clear the check box that allows the use of KSN in the properties of the Administration Server

It is not possible

Disable the use of KSN in the Kaspersky Endpoint Security 11 policy

36. Which permission is to be given to a trusted process in Trusted zone of Kaspersky Endpoint Security to make File Threat Protection
NOT scan files the process accesses?

Do not block interaction with the application interface

Do not monitor application activity

Do not scan opened files

Special permissions are not necessary, File Threat Protection does not scan any files accessed by trusted processes

37. In which case will Kaspersky Endpoint Security 11 for Windows consider a file to be non-infected?

Signature or heuristic analysis returned the Clean verdict, while the KSN database considers the file to be infected

Signature or heuristic analysis returned the Infected verdict, while the KSN database considers the file to be clean

38. Which program types does the installer of Kaspersky Endpoint Security consider incompatible and try to uninstall? El
número máximo de respuestas ha sido seleccionado

Third-party antiviruses

Third-party backup tools

Third-party firewalls

Third-party remote management tools (such as TeamViewer, VNC, RemoteAdmin)

39. In what case does the Quick Start wizard create the Send reports task on the Kaspersky Security Center 10 Administration Server?

If More than 5000 computers on the network option was selected in the installation wizard

If e-mail notification parameters are specified in the Quick Start wizard

If the installation wizard finds a correctly configured local mail client

The Quick Start wizard does not create the Send reports task

40. If the administrator mistyped the Administration Server address in the installation wizard, where can this address be modified in
the Administration Console? El número máximo de respuestas ha sido seleccionado

In properties of the node Advanced \ Remote installation \ Installation packages

In the properties of the Administration Server node

In the properties of the installation package of Kaspersky Endpoint Security

In the properties of the Network Agent installation package


41. Which functions of Kaspersky Endpoint Security for Windows are NOT available under the KESB Select license?

Full Disk Encryption

Device Control

File Level Encryption

Integrity Check

Under which scenario would a Kaspersky Endpoint Security 11 installation require a system restart?

If the product is installed on a non-server operating system

If a program incompatible with Kaspersky Endpoint Security 11 is detected on the computer and the installer removes it

When migrating from a previous version of Kaspersky Endpoint Security

If the Device Control component is selected to be installed

Which executable files will get into this category?

The administrator of Kaspersky Security Center 11 connects the ММС console to the locally installed Administration Server, creates an
automatically filled application category, and specifies the С:\Program Files\Microsoft\ folder as a parameter.

The files whose SHA-256 checksum coincides with the checksum of a file located in С:\Program Files\Microsoft\ on the
Administration Server

The files whose MD5 checksum coincides with the checksum of a file located in C:\Program Files\Microsoft\ on the
Administration Server

The files that have the same certificate as a file located in С:\Program Files\Microsoft\ on the Administration Server

The files whose metadata coincides with the metadata of a file located in С:\Program Files\Microsoft\ on the Administration
Server
There are no computers with these addresses or names anywhere else in the network. How to configure computer relocation rules?

The administrator needs to organize computers from a subnet into a group. The administrator knows that historically, some of
computers of this subnet receive addresses from the range 192.168.100.100 through 192.168.100.199, and names of other computers
start with “PROD”.

Create a relocation rule and specify both conditions in it: the range of IP addresses and the name mask, and also select the
checkbox Apply the rule if at least one of the conditions is matched

Relocation rules cannot solve this task

Create two relocation rules for the same group: in one of them, specify the IP range condition, and in the other one, the name
mask

Create a relocation rule and specify both conditions in it: the range of IP addresses and the name mask

What does the Administration Server store in the KLSHARE shared folder? El número máximo de respuestas ha sido seleccionado

Updates for managed products

Database of events

Standalone installation packages

Tasks and policies for managed computers

Installation packages

Group tasks and a protection policy are defined for Kaspersky Endpoint Security 11 for Windows in the “Managed devices” group. You
want to apply completely different settings to a particular subgroup. How can you achieve this? El número máximo de respuestas ha
sido seleccionado

Exclude this subgroup from the parent policy

Exclude this subgroup from the parent group tasks

Create a new policy in the subgroup and disable inheritance in its settings
Create new group tasks in the subgroup and disable inheritance in their settings

You can’t do this, tasks and policies are always inherited

Select the correct statements about policies in Kaspersky Security Center: El número máximo de respuestas ha sido seleccionado

To make policy settings enforced on the computers, the respective locks must be closed
There are active and inactive policies

Active subgroups’ policies by default inherit the locked settings of the active policy of a parent group (as far as policies of the same
application are concerned)

The administrator can exclude a subgroup from a policy’s scope

There may not be more than one active policy for the same application in a group

The administrator can create a policy for a set of computers belonging to different groups

1.Which settings of the "Install applications remotely" task would you need to edit for the installation to complete successfully?

Following an installation of the Kaspersky Security Center 10 using the "Standard" option in the installation wizard, you create a "KES
installation" group and place network computers in that group. Additionally you enable the automatic installation of Network Agent
and Kaspersky Endpoint Security within the group properties.

Specify the license key

Specify the list of accounts to be used to run the task

Change the installation method

Nothing is to be changed

1.Which of the following database servers can Kaspersky Security Center work with?

MySQL

Microsoft SQL

PostgreSQL

DB2

Oracle
24. Which of the following can the Mail Threat Protection component of Kaspersky
Endpoint Security 11 for Windows do?

Scan webmail traffic

Filter e-mail attachments

Scan SMTP/POP3/IMAP/NNTP traffic

Scan MAPI traffic in Microsoft Office Outlook

25. In which case can you comparatively safely disable scan of network drives by
File Threat Protection of Kaspersky Endpoint Security?

Web Threat Protection is enabled on the computers, which scans data transferred over the network

Protection software is installed on the servers where network drives are located

Network Threat Protection is enabled on the computers, which scans data transferred over the network

A scheduled virus scan task is configured for the computers, which scans network drives

26. Which of the following can the Mail Threat Protection component of Kaspersky
Endpoint Security 11 for Windows do?
Scan webmail traffic

Filter e-mail attachments

Scan SMTP/POP3/IMAP/NNTP traffic

Scan MAPI traffic in Microsoft Office Outlook

27. In which case can you comparatively safely disable scan of network drives by
File Threat Protection of Kaspersky Endpoint Security?

Web Threat Protection is enabled on the computers, which scans data transferred over the network

Protection software is installed on the servers where network drives are located

Network Threat Protection is enabled on the computers, which scans data transferred over the network

A scheduled virus scan task is configured for the computers, which scans network drives

28. Which scan scope does the virus scan task have, which the Quick Start wizard of
Kaspersky Security Center creates for Kaspersky Endpoint Security?

Kernel Memory, Running processes and Startup Objects, Disk boot sectors, %systemroot%\, %systemroot
%\system\, %systemroot%\system32\,

%systemroot%\system32\drivers\, %systemroot%\syswow64\, %systemroot%\syswow64\drivers\


All removable drives, all local drives, all network drives
Kernel Memory, Running processes and Startup Objects, Disk boot sectors,

%systemroot%\, %programfiles%\, %programfiles(x86)%

The whole computer

29. Select the most correct description for the Host Intrusion Prevention component:

It analyzes individual operations performed by applications and prohibits little-

known applications from taking potentially dangerous actions

It logs actions taken by applications and blocks applications that demonstrate

dangerous activity patterns

It intercepts software start attempts and blocks applications

according to the rules configured by the administrator

It monitors file operations and scans files being accessed

30. Which component of Kaspersky Endpoint Security 11 for Windows analyzes the
behavior of already running executable files to detect malware activity?

Behavior Detection
Network Threat

Protection

Host Intrusion

Prevention

Kaspersky

Security Network
31. You want the Firewall in Kaspersky Endpoint Security 11 for Windows to allow any
packets from 192.168.12.25. How can you achieve this?

Create an Application control rule that allows all inbound and outbound packets

to/from 192.168.12.25, and specify «*» for the application Specify a network

with address 192.168.12.25/32 and assign the Trusted Network status to it

Create an exclusion for the address 192.168.12.25 in the Trusted zone


Create a Network packet rule that allows all inbound and outbound packets to/from the address
192.168.12.25 and place it on top of the rule list

32. Which compound objects does File Threat Protection scan under the default settings?

Archives
Office files
None
Installation packages

33. What is the purpose of virus scan tasks, if File Threat Protection is permanently
running on the computers with the default settings?

They scan files on removable and network drives


They scan files of all formats, and thus decrease the risk

of spreading infected files inadvertently

They scan files within archives, and thus decrease the

risk of spreading infected files inadvertently

They scan disk boot sectors

34. What happens when the extended KSN mode is enabled?

When the extended KSN mode is enabled, Kaspersky Security Center switches to the KSN Proxy mode
and starts caching all requests sent to the KSN cloud
When the extended KSN mode is enabled, extended statistical information is sent to
the KSN cloud; executable and non-executable files or their parts can also be sent

When the extended KSN mode is enabled, Kaspersky Security Center establishes a persistent
communication channel to the KSN cloud and caches part of
35. What is the purpose of virus scan tasks, if File Threat
Protection is permanently running on the computers with the
default settings?

They scan files on removable and network drives


They scan files of all formats,

and thus decrease the risk of

spreading infected files

inadvertently

They scan files within archives,

and thus decrease the risk of

spreading infected files

inadvertently

They scan disk boot sectors

36. What happens when the extended KSN mode is enabled?

When the extended KSN mode is enabled, Kaspersky Security Center switches
to the KSN Proxy mode and starts caching all requests sent to the KSN cloud
When the extended KSN mode is enabled, extended statistical
information is sent to the KSN cloud; executable and non-
executable files or their parts can also be sent

When the extended KSN mode is enabled, Kaspersky Security Center


establishes a persistent communication channel to the KSN cloud and caches
part of

35 Which component of Kaspersky Endpoint Security 11 for Windows except Web


Threat Protection takes part in protection against phishing?

Web Control
Mail Threat Protection
File Threat Protection
None of the above
36. Consider Kaspersky Endpoint Security 11 for Windows. When the Behavior
Detection component recognizes dangerous activities, which of the following actions
can it take? El número máximo de respuestas ha sido seleccionado

Disinfect
Terminate the program
Move the file to Quarantine
Delete the file

37. Which networks are Trusted in the Firewall policy of Kaspersky Endpoint Security 11
under the default settings?

The networks to which the Administration Server is connected


None
127.0.0.1/32
192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8

13. Which policy settings are compulsory in Kaspersky Security


Center?

Unlocked policy settings

Active policy settings

Locked policy settings

13. Why?
You plan to use SNMP protocol to monitor status and receive
notifications from Kaspersky Security Center 10 Administration
Server. However, the "SNMP agent" component is missing from
the list of Administration Server components in the installation
wizard. Guia I-26

"SNMP agent" is not displayed if the SNMP service (a component of

Windows operating system) is not installed on the computer

"SNMP agent" is an Administration Console component, not a Server

component
The "SNMP agent" component has a separate installer

"SNMP agent" is always installed, it does not need to be selected as an option

14. Which component is NOT available in Kaspersky Endpoint


Security 11 for Windows? El número máximo de respuestas ha sido
seleccionado

Host Intrusion Prevention

Windows Integrity Check

IM Anti-Virus

Web Control

BitLocker Management

15. How would you make this change?


During the installation of Kaspersky Security Center 10, the DNS name of
the Administration Server was specified for its connection address. Before
deploying Kaspersky Network Agents, the administrator decides that the
Server’s IP address should be used for connections. Guia I-35

Run the Quick Start wizard again

Modify the address in the

Administration Server policy

Modify the address in the Network

Agent policy

Modify the Administration Server address in the properties of the Network

Agent installation package


16. What can the administrator do to enable editing for all settings of
the subgroup B policy?
Consider group A that contains a policy of Kaspersky Endpoint Security
11. Group A has subgroup B, which also contains a policy of Kaspersky
Endpoint Security 11. The administrator has noticed that some of the
settings cannot be changed in the policy of subgroup B.
El número máximo de respuestas ha sido seleccionado

Clear the Inherit settings from upper-level policy check box in the group B
policy

Clear the Force inheritance of settings in child policies check box in the

group A policy

Make the group A policy

inactive

In the policy of group A, exclude subgroup B from the policy scope

17. You want to publish installation packages in Active


Directory group policy via the Kaspersky Security Center
10 Administration Server. Which packages can be
published this way?

Any packages available in the "Installation

packages" repository

Packages of Kaspersky Lab products only

Only Kaspersky Network Agent packages

None

18. In which of the following situations you need NOT


specify the administrator account in the remote
installation task? El número máximo de respuestas ha sido
seleccionado

The computer has been prepared with the RIPrep.exe utility

The administrator account is disabled on the remote computer

Kaspersky Endpoint Security 10 SP2 is already installed on the computer

The account of the Administration Server service has administrator

permissions on the computer

Network Agent is already installed on the computer and connected to the

Server

Windows 10 operating system is installed on the computer

19. Which of the following database servers does Kaspersky


Security Center 10 SP3 Administration Server support? El
número máximo de respuestas ha sido seleccionado

Microsoft SQL Server 2014

Microsoft

SQL Server

2005

Microsoft SQL Server 2008 R2


Microsoft SQL Server 2012
Microsoft SQL Server 2016

21. Installation on which of the following virtual platforms does Kaspersky


Endpoint Security for Windows 11 support?

Oracle VM VirtualBox

Microsoft Hyper-V

Citrix Provisioning Services

Citrix XenDesktop

VMware ESXi
KVM

22. In which cases does the Administration Server update databases in the
installation packages of Kaspersky Endpoint Security? Guia I-59-I60

Every time after databases are updated in the repository

When the package is created

When the administrator clicks the button Update databases in the package

properties

Daily, after databases are updated in the repository

23. In which cases does the Administration Server update databases in the
installation packages of Kaspersky Endpoint Security? Guia I-59-I60

Every time after databases are updated in the repository

When the package is created

When the administrator clicks the button Update databases in the package

properties

Daily, after databases are updated in the repository

24. Select the correct statements about how File Threat


Protection safeguards a computer with the default settings:

Scans all file types

Scans potentially dangerous files

Scans all files, even those that have not been changed
Scans only new and changed files

24. Where can you specify the conditions under which Kaspersky Endpoint
Security 11 switches to the out-of-office policy?

The conditions are hard-coded and you cannot modify them

In the Administration Server policy

In the Network Agent policy

In the policy of Kaspersky Endpoint Security

38. However, access to facebook.com has been blocked for everyone. Why?

In the Web Control section of the Kaspersky Endpoint Security 11


policy, you created a rule that prohibits all users from opening
facebook.com (http://facebook.com) and a rule that allows the HR
department to access facebook.com (http://facebook.com).

Web Control exclusions are to be specified in the Trusted zone

The blocking rule is higher than the allowing rule on the list

The standard Default allowing rule is disabled

A blocking rule always has priority over allowing rules

39. Consider Kaspersky Security Center 10. Which features or


components provide the data that populate the Executable files
node in the Administration Console?
Vulnerability scan task of Kaspersky Endpoint Security 11

Application Control of Kaspersky Endpoint Security 11

Kaspersky Security Center 10 Network Agent

Host Intrusion Prevention of Kaspersky Endpoint Security 11

Inventory task of Kaspersky Endpoint Security 11

40. Which of the components within Kaspersky Endpoint Security 11 for


Windows is the right tool for the job?

The administrator wants to prohibit the users from starting any browser
except for Internet Explorer. They don’t want to block any other kinds of
applications.

Web Control

Host Intrusion Prevention

Application Control

Device Control

41. Which of the control components within Kaspersky Endpoint


Security 11 for Windows permit specifying different limitations for
different users?

Host Intrusion Prevention

Device Control
Web Control

Application Control

42.Which executable files will get into this category?


The administrator of Kaspersky Security Center 10 connects the console to the locally
installed Administration Server, creates an automatically filled application category, and
specifies the С:\Program Files\Microsoft\ folder as a parameter.

The files whose SHA-256 checksum coincides with the checksum of a file located in С:\Program
Files\Microsoft\ on the Administration Server

The files that have the same certificate as a file located in С:\Program Files\Microsoft\ on the
Administration Server

The files whose MD5 checksum coincides with the checksum of a file located in C:\Program
Files\Microsoft\ on the Administration Server

The files whose metadata coincides with the metadata of a file located in С:\Program
Files\Microsoft\ on the Administration Server

43. Consider Kaspersky Endpoint Security 11 for Windows. You want to block banners on the
web pages visited by the users.

How can you achieve this?

Enable the Anti-Banner component None of the above

Create a rule in the Web Control settings to block the content category Banners

Enable the option to block banner links in the Web Threat Protection settings

44. Which of the control components of Kaspersky Endpoint Security 11 for Windows can apply
access rules on schedule?

Device Control

Host Intrusion Prevention

Web Control

Application Control
45. A commercial license has expired in an organization, and the money for purchasing a
new license will be allocated only in a month. Which functions of Kaspersky Endpoint Security
11 for Windows will NOT work until the new license is in place?

Management via Kaspersky Security Center

Update

Real-time protection components

Virus Scan tasks

45. Which server ports must be opened for the client computers to update
successfully?

Consider Kaspersky Security Center 10 and Kaspersky Endpoint Security


11 for Windows. The Administration Server is installed with standard
settings and is specified as the update source in group tasks.

TCP port 13000

UDP ports 137 and 138, TCP ports 139 and 445

HTTP port 80

TCP ports 8060 and 8061

46. Consider Kaspersky Security Center 10. What data is included


into a backup copy of the Administration Server created with a
dedicated Kaspersky Security Center task?

The contents of the Updates repository

The Administration Server database

Regular (not stand-alone) application installation packages

The structure of managed computers

47. Consider Kaspersky Security Center 10. Which of the following


conditions can make the backup copying task return an error on
the Administration Server?

The Download updates to the repository task is running on the server


(backup copying cannot be started until updating is finished)

The Administration Server account has no Write permissions for the backup
target directory

The drive where the backup directory is located lacks free space

The database server account has no Write permissions for the backup target
directory

48. Which updates will be downloaded to the Administration Server


repository by default in Kaspersky Security Center 10?

Only for the components used by the Kaspersky Lab applications on the
client computers

For the applications whose plugins are installed on the Administration Server

Only Kaspersky Endpoint Security 11 for Windows


Only for the Kaspersky Lab applications installed on the client computers and those for
which there are installation packages in the repository

50. Can the start of group update tasks be randomized in Kaspersky Security Center 10
to avoid simultaneous connections of all
client computers to the Administration Server?

No

Yes, but only if the computers are organized into several subgroups with update tasks
having different schedules

Yes, but only if the From 1000 to 5000 computers or More than 5000 computers option
was selected during the installation of the Administration Server

Yes

Which components of Kaspersky Endpoint Security for


Windows can be installed on a server operating system?

Application Control

Host Intrusion Prevention

Remediation Engine

Behavior Detection

Exploit Prevention

You might also like