[Link] of the following does Kaspersky Security Network do?

º Informs protection components of Kaspersky Endpoint Security

whether a file is malicious

º Communicates file reputation (trust level) to the Firewall and Host

Intrusion Prevention
º Provides detailed description of threats for events and reports of
Kaspersky Security Center

Protects the file versions provided by software manufacturers against

false positives

[Link] need a stand-alone installation package of Kaspersky

Endpoint Security 11.6 for Windows that will automatically
uninstall incompatible applications during the installation. How
would you create one in Kaspersky Security Center 13?
Any stand-alone package of Kaspersky Endpoint Security 11.6 for
Windows automatically uninstalls incompatible applications

Make sure that the checkbox Uninstall incompatible applications

º automatically is selected in the properties of the regular installation
package of Kaspersky Endpoint Security 11.6 for Windows prior to
creating a stand-alone installation package

Select the checkbox Uninstall incompatible applications automatically

in the properties of the stand-alone installation package

Make sure that the checkbox Uninstall incompatible applications

automatically is selected in the properties of the regular installation
package of Network Agent prior to creating a stand-alone installation
package

3.A network is protected with Kaspersky Endpoint Security 11.6 for

Windows and managed by Kaspersky Security Center 13 with the
default settings. What should the administrator do to completely
prohibit disabling the protection without hiding it?

º Protect the Uninstall / Modify / Restore commands with a password

º Prohibit stopping the Kaspersky Endpoint Security service

º Protect disabling the protection and control components with a

password

Protect the Exit command with a password

Block access to the Kaspersky Endpoint Security process

[Link] of the following virtual platforms does Kaspersky Security
Center 13 NOT support?

pO Citrix XenServer

V] KVM

V] Nutanix AOS

V] Proxmox VE

Microsoft Hyper-V Server

Parallels Desktop

Red Hat Virtualization

[Link] of the following components of Kaspersky Endpoint

Security 11.6 for Windows do NOT scan files?

Web Threat Protection

9 BadUSB Attack Prevention

9 Network Threat Protection

Mail Threat Protection

[Link] which of the following situations you need NOT specify the
administrator account in the remote installation task?
The administrator account is disabled on the remote computer

V] Network Agent is already installed on the computer and connected to

the Server

pO A previous version of Kaspersky Endpoint Security is already installed on

the computer

The account of the Administration Server service has administrator

permissions on the computer

Windows 10 operating system is installed on the computer

The computer has been prepared with the [Link] utility

[Link] component of Kaspersky Endpoint Security for Windows
divides applications into 4 groups: Trusted, Low Restricted, High
Restricted and Untrusted?
º Application Control

Host Intrusion Prevention

Behavior Detection

Exploit Prevention

[Link] of the following are Kaspersky Security Center tasks?

º Perform Windows Update synchronization

º Change Administration group

Synchronize Active Directory structure

Change Administration Server

[Link] adi strator has selected to Assign Network Agent

installation in the Active Directory group policies in the remote
installation task. When will the Network Agent installation be
finished on the target computers?

º In a few minutes after the task starts

In a few minutes after the computers receive the Active Directory group
policy

Atthe next restart of the computers

The next time that the users log on to the domain from the target
computers
[Link] network is protected with Kaspersky Endpoint Security 11.6
and managed with Kaspersky Security Center 13. The
administrator has disabled showing the application interface to
the users in the policy of Kaspersky Endpoint Security 11.6 for
Windows. What will NOT be hidden from the users?
Started processes of Kaspersky Endpoint Security

º Kaspersky Endpoint Security icon in the notification area

º Kaspersky Endpoint Security shortcut in the Start menu

Started services of Kaspersky Endpoint Security

Kaspersky Endpoint Security in the list of installed programs

[Link] the offered options select the correct one to complete

the procedure: In the Web Console, open
Discovery 6 Deployment | Deployment 6 Assignment | Installation
packages, ... How would you create a stand-alone installation
package in Kaspersky Security Center?
Click the button Create stand-alone installation package and select the
program from among those available on the Kaspersky websit

Click the button Create installation package and specify the path to the
º folder that contains program installation files, including the description
file with the .kpd extension

Click the button Create installation package and specify the path to the
folder that contains program installation files, including the description
file with the .kud extension

Select a regular installation package and click the button Deploy; select
the installation method Using a stand-alone package

[Link] does the Administration Server send UDP packets to the

Network Agent?

Periodically (by default, once every 15 min)

º When the administrator creates a report

º When the administrator adjusts settings applicable to the computer

At the administrator's command Force synchronization

 13.A workstation is managed remotely through Kaspersky Security
Center 13 with the default settings. Which of the following events
invoke pop-up notifications in the local interface of Kaspersky
Endpoint Security 11.6 for Windows?

Threats have been detected

º Application startup prohibited

Suspicious object detected

Network attack detected

[Link] components of Kaspersky Endpoint Security for

Windows CANNOT be installed on a server operating system?

Adaptive Anomaly Control

º Application Control

º Device Control

º AMSI Protection Provider

Behavior Detection

Host Intrusion Prevention

[Link] administrator has installed Network Agent and Kaspersky

Endpoint Security on a workstation, but has not moved it to the
Managed devices group. What will happen in that case?
Events will be delivered from the workstation to Kaspersky Security
Center, but policies and tasks will NOT be enforced on it

º Events will NOT be delivered from the workstation to Kaspersky Security

Center, but policies and tasks will be enforced on it

Events will NOT be delivered from the workstation to Kaspersky Security

Center, policies and tasks will NOT be enforced either
 [Link] of the following Kaspersky Endpoint Security
components can be used under the KESB Select license, but is
NOT installed by default?

IM Anti-Virus

º There are no such components

Network Threat Protection

BadUSB Attack Prevention

[Link] to create a new installation package for Kaspersky

Endpoint Security in the Kaspersky Security Center Web Console?
Open the folder with installation packages and make a copy of the
directory that contains a Kaspersky Endpoint Security package

9 Start the package creation wizard and select a Kaspersky Endpoint

Security distribution from the list of current application versions

Open the list of current application versions in Kaspersky Security

9 Center Administration Console, select the necessary version of

Kaspersky Endpoint Security, and click the button Download and create
installation package

Start the package creation wizard and specify the folder that contains
Kaspersky Endpoint Security installation files, which must include the
description file with the *.kud extension

[Link] Security Center 13 uses a remote database. To make

a backup copy of all data stored in the database, the administrator
needs to:
Just run the Backup of Administration Server data task, everything will
be done automatically

) None of the above

Run the [Link] utility on the computer where the database is

located
Run the [Link] utility on the Administration Server, but with the —
path switch
 [Link] of the following components of Kaspersky Endpoint
Security 11.6 for Windows does NOT use the KSN technology?

File Threat Protection

º Exploit Prevention

Virus Scan tasks

Web Threat Protection

Network Threat Protection

[Link] often do Network Agents synchronize settings with the

Administration Server by default?

Every 5 minutes

º Every 15 minutes

Every 30 minutes

Every 60 minutes

[Link] which events does Kaspersky Security Center notify the

administrator under the default settings?

º About all

About critical events of the Administration Server

About critical events of the Kaspersky Endpoint Security

About none

[Link] does Network Agent connect to the Administration

Server?
º When a packet arrives to the Agent's UDP port from the Server

º When there is an event to be sent to the Server

º Periodically (by default, once every 15 min)

When the user logs on to the system

[Link] operating systems does Kaspersky Endpoint Security
11.6 for Windows support?

Microsoft Windows Server 2012 R2 Foundation

Microsoft Windows Server 2012 R2 Essentials

aa

Microsoft Windows Server 2012 R2 Standard

Microsoft Windows Server 2012 R2 Datacenter

Microsoft Windows Server 2012 R2 Enterprise

[Link] of the following components of Kaspersky Endpoint

Security for Windows provides proactive defense against
unknown threats by analyzing the sequence of actions performed
by a program?

AMSI Protection Provider

º Behavior Detection

Host Intrusion Prevention

[Link] of the listed below is a known limitation of the Web

Control component in Kaspersky Endpoint Security 11.6 for
Windows?
It can't block content by data type over an https connection

º None of the above

Can't block any website, accessed over an https connection

It works only with the mainstream web browsers, such as Internet

Explorer, Mozilla Firefox, Google Chrome

[Link] the correct statements about how File Threat Protection

safeguards a computer with the default settings:

Scans all file types

º Scans potentially dangerous files

º Scans all files, even those that have not been changed

Scans only new and changed files

27.A network consists of: 27 computers running Microsoft
Windows Server 20165 computers running Microsoft Windows
Server 2012130 computers running Microsoft Windows 7
Professional 70 computers running Microsoft Windows 10. How
many remote installation tasks (minimum) do you need to create
to install Kaspersky Endpoint Security 11.6 for Windows on all
machines?
1

[> I
3
232

[Link] the correct statements about policies in Kaspersky

Security Center:

º There are active and inactive policies

º The administrator can create a policy for a set of computers belonging

to different groups

º The administrator can exclude a subgroup from a policy's scope

Active subgroups' policies inherit the locked settings of the active policy
º of a parent group by default (as far as policies of the same application
are concerned)
There may NOT be more than one active policy for the same application
in a group

To enforce policy settings on the computers, you must close the

respective locks

29.A network is protected with Kaspersky Endpoint Security for

Windows and managed by Kaspersky Security Center with the
default settings. The administrator has prohibited removable
drives in the Device Control. What can the user do to access a
removable drive?
Use the Pause protection and control command in the right-click menu
of the Kaspersky Endpoint Security icon in the notification area

º Submit a request and ask for access

Connect the drive to the USB port on the monitor

None of the above

[Link] administrator of Kaspersky Security Center 13 connects the
MMC console to the locally installed Administration Server,
creates an automatically filled application category, and specifies
the C:\Program Files\Microsoft\ folder as a parameter. Which
executable files will get into this category?
The files whose MD5 checksum coincides with the checksum of a file
located in C:\Program Files\Microsoft\ on the Administration Server

º The files whose SHA-256 checksum coincides with the checksum of a

file located in C:\Program Files\Microsoft\ on the Administration Server

The files that have the same certificate as a file located in C:\Program
Files\Microsoft\ on the Administration Server

The files whose metadata coincides with the metadata of a file located
in C:\Program Files\Microsoft\ on the Administration Server

31.A commercial license has expired in an organization, and the

money for purchasing a new license will be allocated only ina
month. Which functions of Kaspersky Endpoint Security 11.6 for
Windows will NOT work until the new license is in place?

Virus Scan tasks

º Updates

Real-time protection components

Management via Kaspersky Security Center

[Link] of the following components of Kaspersky Endpoint

Security for Windows can block executable file start?

º Behavior Detection

º Application Control

º Adaptive Anomaly Control

Host Intrusion Prevention

Device Control
 [Link] component of Kaspersky Endpoint Security 11.6 for
Windows analyzes the behavior of already running executable files
to detect malware activity?

Host Intrusion Prevention

N Y Behavior Detection
Kaspersky Security Network

Network Threat Protection

[Link] the start of group update tasks be randomized in

Kaspersky Security Center 13 to avoid simultaneous connections
of all client computers to the Administration Server?

Yes

º Yes, but only if the computers are organized into several subgroups with
update tasks having different schedules

Yes, but only if the From 1000 to 5000 computers or More than 5000
computers option was selected during the installation of the
Administration Server

No

[Link] can you make the Network Agent perform an unplanned

synchronization from the client side?

Carry out the klnagchk command without parameters

º Carry out the command klnagchk -sendhb

Carry out the command klnagchk -sync

Itis impossible

[Link] functions of Kaspersky Endpoint Security are NOT

available under the KESB Select license?
º Encryption of hard drives

º Encryption of files and folders

º Device Control

Integrity Check

Adaptive Anomaly Control

[Link] Kaspersky Endpoint Security 11.6 for Windows. The
administrator wants to block banners on the webpages visited by
the users. How can this be done?
Enable the Anti-Banner component

º Create a rule in the Web Control settings to block the content category
Banners

Enable the option to block banner links in the Web Threat Protection
settings

None of the above

[Link] administrator has installed Kaspersky Security Center 13,

created a KES installation group in the management console and
placed computers into that group. Then enabled automatic
installation of Network Agent and Kaspersky Endpoint Security in
the group properties. Which settings of the Install applications
remotely task would need to be edited for the installation to
complete successfully?

Change the installation method

º Nothing needs to be changed

Specify the license key

Specify the list of accounts to be used to run the task

[Link] of the following installation methods does NOT work if

the computer's shared folders are NOT accessible over the
network?
Remote deployment using Windows resources

º Installation from a stand-alone package

Remote installation using Active Directory

Installation using Network Agent

[Link] of the following remote installation methods can be
used in the Install Application remotely task in Kaspersky Security
Center 13 when the Network Agent is not selected to be
deployed?

º Using Group Policy Objects (GPO) in the Active Directory

º Using operating system tools: shared folders and remote procedure call
(RPC)

Using Logon Scripts in the Active Directory

Using Network Agent

[Link] administrator has created a stand-alone installation

package for Kaspersky Endpoint Security and Network Agent.
Select the correct statements about the stand-alone package:
º The stand-alone package contains the Administration Server connection
parameters (from the settings of the Network Agent package)

The stand-alone package installs the Kaspersky Endpoint Security

º components that were selected in the original package of Kaspersky
Endpoint Security

The stand-alone package includes the username and password of the

administrator, to enable a non-administrator user to start it

The stand-alone package contains only the installation parameters,

while the files will be downloaded from the shared folder of the
Administration Server during the installation

[Link] administrator wants to prohibit laptops from connecting to

Wi-Fi while using a wired connection. Which component of
Kaspersky Endpoint Security can help to achieve this?

Anti-Bridging

º Firewall

Host Intrusion Prevention

 [Link] Kaspersky Security Center 13. Which features or
components provide the data that populate the Executable files
node in the Administration Console?
º Kaspersky Security Center Network Agent

º Application Control of Kaspersky Endpoint Security

The Inventory task of Kaspersky Endpoint Security

The Find vulnerabilities and required updates task of Kaspersky Endpoint

Security

[Link] want the Firewall in Kaspersky Endpoint Security 11.6 for

Windows to allow any packets from [Link]. How can you
achieve this?
Specify a network with address 192 168.12.25/32 and assign the Trusted
Network status to it

Create a Network packet rule that allows all inbound and outbound
º packets to/from the address 192 168.12.25 and place it on top of the rule
list

Create an Application control rule that allows all inbound and outbound
packets to/from 192 168.12.25, and specify «*» for the application

Create an exclusion for the address 192.168.12

25 in the Trusted zone

[Link] can the administrator consult the list of domains with

secure connection scan errors?
In the Administration Console, in each computer's properties

º Only in the local Kaspersky Endpoint Security interface on a computer

In the Administration Console, in each computer's properties, or in the

local interface of Kaspersky Endpoint Security
[Link] administrator has selected to Assign Network Agent
installation in the Active Directory group policies in the remote
installation task that installs Kaspersky Endpoint Security together
with Network Agent. How will Kaspersky Endpoint Security be
installed?
º The same way as Network Agent, the task will assign installing the MSI
package of Kaspersky Endpoint Security in the Active Directory policy

The task will install Kaspersky Endpoint Security using Windows tools,
without waiting for the Network Agentto install

The task will install Kaspersky Endpoint Security using Network Agent
tools after the Agent connects to the Server

If the administrator selects the option Assign Network Agent installation

in the Active Directory group policies, the task will install only the
Network Agent

[Link] the Kaspersky Security Center installation, the DNS

name of the Administration Server was specified for its connection
address. Before deploying Kaspersky Network Agents, the
administrator has decided that the Server's IP address should be
used for connections. How would you make this change?

Run the Quick Start wizard again

º Modify the Administration Server address in the properties of the

Network Agent installation package

Modify the address in the Administration Server policy

Modify the address in the Network Agent policy

[Link] does a closed lock mean near a parameter in a group

policy of Kaspersky Endpoint Security?
º This parameter cannot be changed in the local interface of Kaspersky
Endpoint Security

º This parameter can be changed only by the administrator who created

the policy

This parameter cannot be changed in the subgroups' policies (unless

inheritance is disabled)

This parameter is password-protected

[Link] trust group will Intrusion Prevention assign to
applications for which it fails to get information from KSN (by
default)?
Trusted

º Low Restricted

High Restricted

Untrusted

[Link] removable drive access operations can Device Control

allow or block in Kaspersky Endpoint Security for Windows?

Read

Device Control cannot block specific removable drive access operations

[Link] component of Kaspersky Endpoint Security for Windows
divides applications into 4 groups: Trusted, Low Restricted, High
Restricted and Untrusted?
Application Control

º Behavior Detection

Host Intrusion Prevention

Exploit Prevention

[Link] the correct statements about the KL-AK- account created

by the installation wizard of Kaspersky Security Center
Administration Server:
º Itis included in the Domain Admins group

º Itis included in the BUILTINVAdministrators group

º Itis included in the KLAdmins group

It has the same permissions as the BUILTIN\Administrators group

It cannot be used to log on to the system locally

[Link] Inc. plans to deploy Kaspersky Endpoint Security on 10000

endpoints and manage protection through one Administration
Server. Which database server is recommended for Kaspersky
Security Center in this case?

º Microsoft SQL Server Standard

MySQL Community Edition

Microsoft SQL Server Express

MySQL Enterprise Edition

[Link] certificate does Kaspersky Security Center 13
Administration Server use for encrypted connections with
Kaspersky Network Agents?

Kaspersky certificate

º The certificate specified by the administrator during the Administration

Server installation

The certificate automatically generated during the Administration Server

installation
The Administration Server does not encrypt connections with Network
Agents

5.0n which operating systems can Kaspersky Security Center 13

Administration Server be installed?
Windows Server 2008

Windows Server 2008 R2

aaa

Windows Server 2012 R2

Windows Server 2016

Windows Server 2019

Windows 10

[Link] of the following Administration Server parameters cannot

be modified without reinstalling Kaspersky Security Center?

Administration Server communication ports

º SQL server address

Administration Server account

Shared folder location

[Link] which of the following situations you need NOT specify the
administrator account in the remote installation task?
The administrator account is disabled on the remote computer

º Network Agent is already installed on the computer and connected to

the Server

º The computer has been prepared with the [Link] utility

The account of the Administration Server service has administrator

permissions on the computer

Windows 10 operating system is installed on the computer

A previous version of Kaspersky Endpoint Security is already installed on

the computer

[Link] are installation logs of Kaspersky Endpoint Security and

Network Agent stored after a remote installation?

In %ProgramData%\Kaspersky Lab

º In the system %Temp% folder

In the user's %Temp% folder

In the root of the system drive

[Link] tasks and a policy are defined for Kaspersky Endpoint

Security 11.6 for Windows in the Managed devices group. You
want to apply completely different settings to a particular
subgroup. How can this be done?
Exclude this subgroup from the parent policy and create a new policy in
the subgroup

º Exclude this subgroup from the parent group's tasks and create new
tasks in the subgroup

º Create a new policy in the subgroup and disable inheritance in its

settings

Create new tasks in the subgroup and disable inheritance in their

settings

You can't do this, tasks and policies are always inherited

[Link] does the Firewall do with a packet that meets conditions
of several rules, including an allow rule for packets and a block
rule for applications? The block rule for applications is higher than
the allow rule for packets.

Allows the packet

º Blocks the packet

Applies the rule that is higher in the list

Applies the rule that is lower in the list

[Link] administrator needs to prohibit starting several programs in

the network. What is the best way to achieve this?
º In Application Control, select the Denylist mode and create a rule that
allows everything except the applications that must be prohibited

In Application Control, select the Denylist mode and create block rules
for the applications that must be prohibited

In Application Control, select the Allowlist mode and create a rule that
allows everything except the applications that must be prohibited

In Application Control, select the Allowlist mode and create block rules
for the applications that must be prohibited

[Link] administrator has selected to Assign Network Agent

installation in the Active Directory group policies in the remote
installation task that installs Kaspersky Endpoint Security together
with Network Agent. How will Kaspersky Endpoint Security be
installed?
The same way as Network Agent, the task will assign installing the MSI
package of Kaspersky Endpoint Security in the Active Directory policy

º The task will install Kaspersky Endpoint Security using Network Agent
tools after the Agent connects to the Server

The task will install Kaspersky Endpoint Security using Windows tools,
without waiting for the Network Agent to install

If the administrator selects the option Assign Network Agent installation

in the Active Directory group policies, the task will install only the
Network Agent
[Link] of the following remote installation methods can be
used in the Install Application remotely task in Kaspersky Security
Center 13 when the Network Agent is not selected to be
deployed?

Using Group Policy Objects (GPO) in the Active Directory

º Using operating system tools: shared folders and remote procedure call
(RPC)

º Using Network Agent

Using Logon Scripts in the Active Directory

[Link] administrator wants to configure Device Control settings in

the policy of Kaspersky Endpoint Security 11.6 for Windows, but
the control options are not displayed in the policy in the MMC
console. How should the administrator fix this?
Load a Kaspersky Endpoint Security for Business Select license into
Kaspersky Security Center

º Run a Change application components task and select the Standard

installation type instead of the Basic installation type

Open the interface settings in the MMC console and select the Display
endpoint control settings checkbox

None of the above

15.A network is protected with Kaspersky Endpoint Security 11.6

for Windows and managed by Kaspersky Security Center 13 with
the default settings. What should the administrator do to
completely prohibit disabling the protection without hiding it?

º Protect the Uninstall / Modify / Restore commands with a password

º Prohibit stopping the Kaspersky Endpoint Security service

º Block access to the Kaspersky Endpoint Security process

Protect the Exit command with a password

Protect disabling the protection and control components with a

password
[Link] is a standard computer selection named Many viruses
detected in the Kaspersky Security Center 13 Administration
Console. What does “many” mean?
The number specified for the Many viruses detected status in the group
properties

º The number specified in the selection properties

More than 0

More than 10 viruses per 10 minutes

[Link] is the default password in the Backup of Administration

Server data task created by the Quick Start wizard of Kaspersky
Security Center 13?

kaspersky

º There is no default password

KasperskyLab

KL

[Link] does password that can be specified in the Network

Agent policy prevent?

Network Agent uninstallation

º Stopping the Network Agent service

Starting the [Link] and [Link] utilities

Carrying out the command send heartbeat that forces synchronization

with the Server

19.A user tries to visit an https website. Kaspersky Endpoint

Security installed on the computer is under the policy created by
the Quick Start Wizard. An error is encountered when scanning
encrypted traffic. What will happen in that case?
Kaspersky Endpoint Security will block the https connection and notify
the user.

The domain will be automatically added to the local list of exclusions

º (domains with scan errors). Its encrypted traffic will be skipped without
scanning. The user will successfully connect to the website.

An https connection error will be displayed

[Link] Kaspersky Security Center 13. Which of the following
conditions can make the backup task return an error on the
Administration Server?
º The Administration Server account has no Write permissions for the
backup target directory

º The database server account has no Write permissions for the backup
target directory

º The drive where the backup directory is located lacks free space

The Download updates to the repository task is running on the server

(backup copying cannot be started until updating is finished)

21.A computer running Windows 7 is protected with Kaspersky

Endpoint Security 11.6 for Windows. You want to prohibit
connecting USB scanners to this computer, but allow removable
USB drives. How can this be done?
Block Cameras and scanners in the Device Control

º Block USB bus in the Device Control

Block multifunctional devices in the Device Control

Kaspersky Endpoint Security cannot block USB scanners

[Link] user tries to download an archive with freeware from an

HTTP website. If there is an infected object in the archive, which
component of Kaspersky Endpoint Security for Windows will be
the first to detect it?
º Web Threat Protection

Firewall

Virus Scan task

File Threat Protection

[Link] version of SQL server is included with the Kaspersky

Security Center 13 Administration Server distribution?

Microsoft SQL Server 2016 Express

º None of the above

Microsoft SQL Server 2017 Express

Microsoft SQL Server 2019 Express

[Link] update task of Kaspersky Endpoint Security for Windows
has Update settings for local mode and Update settings for mobile
mode. Under which conditions are Update settings for mobile
mode used?
The update task has no update settings for mobile mode

If the conditions of switching to the mobile mode (which are specified in

º the Network Agent policy) are met, and the out-of-office policy is
applied to the computer

If the conditions of switching to the mobile mode (which are specified in

the Network Agent policy) are met

If all sources specified in the settings for local mode are inaccessible

[Link] components of Kaspersky Endpoint Security for

Windows CANNOT be installed on a server operating system?

º Adaptive Anomaly Control

º Behavior Detection

º Device Control

Application Control

AMSI Protection Provider

Host Intrusion Prevention

[Link] the correct statement:

If a computer is included in several groups, the policy of the group that
is higher in the list is applied

º If a computer is included in several groups, the policy that is higher in

the Policies node is applied to it

A computer cannot be included in several groups

If a computer is included in several groups, a policy is not applied to it

 [Link] of the following virtual platforms does Kaspersky
Security Center 13 support?

Citrix XenServer
QAAAdQ

Microsoft Hyper-V Server

Oracle VM VirtualBox

Parallels Desktop

VMware vSphere

VMware Workstation

KVM

Nutanix AOS

[Link] of the following installation methods does NOT work if

the computer is NOT on the domain?

Remote deployment using Windows resources

º Remote installation using Active Directory

Installation from a stand-alone package

Installation using Network Agent

[Link] Kaspersky Security Center 13. There is an Automatic

installation task that installs the Network Agent in the Managed
devices group. However, you want to exclude one of subgroups
from automatic installation. Is this possible?

º No, because Automatic installation tasks don't have exclusion settings

Yes, you can set this up in the Automatic installation section in the group
properties

Yes, you can set this up in the Exclusions from task scope section in the
task settings

This is not possible for the automatic installation task of the Kaspersky
Network Agent
30.0n which operating systems can you NOT install Kaspersky
Security Center 13 Administration Server?
Windows Server 2008

º Windows Vista

€ Windows 10
Windows Server 2008 R2

Windows Server 2012 R2

Windows Server 2016

Windows Server 2019

[Link] administrator needs to remotely install Network Agent and

Kaspersky Endpoint Security on five laptops, which have different
local administrator accounts and are not on the domain. What
would you advise?

Create an individual remote installation task for each laptop

º Create a single remote installation task and specify accounts of all

administrators there

Create a single remote installation task and run it five times; change the
target computer and the administrator account every time

[Link] drives are blocked by Device Control; however,

some users can still use their smartphones as USB mass storage
devices. What do you need to change in the policy to prohibit this
workaround without affecting any other USB devices?

Block USB bus in the Device Control

º Block Portable devices (MTP) in the Device Control

Block Multifunctional devices in the Device Control

It can't be done; Kaspersky Endpoint Security 11.6 for Windows cannot

block such devices
[Link] does File Threat Protection of Kaspersky Endpoint
Security for Windows do?
Scans files on drives on access

º Scans all files, regardless of the source and interception method

Scans files on drives on demand

Controls access to the registry

[Link] can you find the list of computers blocked by the

Network Threat Protection component?
In the local interface of Kaspersky Endpoint Security, in the Network
º Monitor window that you can open from the shortcut menu of the
Network Attack Blocker component

In the local interface of Kaspersky Endpoint Security, in the Network

Monitor window that you can open from the More Tools menu

In Kaspersky Security Center Administration Console, in the properties

of the attacked computer, in the statistics window of the Kaspersky
Endpoint Security for Windows application

[Link] of the following task types pertain to Kaspersky

Endpoint Security for Windows?

Install application remotely

º Change application components

º Integrity check

Uninstall application remotely

Find vulnerabilities and required updates

[Link] is the purpose of virus scan tasks, if File Threat Protection

is permanently running on the computers with the default
settings?
They scan disk boot sectors

º They scan files within archives, and thus decrease the risk of spreading
infected files inadvertently

º They scan files of all formats, and thus decrease the risk of spreading
infected files inadvertently

They scan files on removable and network drives

37.A network is protected with Kaspersky Endpoint Security for
Windows and managed by Kaspersky Security Center with the
default settings. The administrator disabled displaying the
Kaspersky Endpoint Security interface on clients. Users have
discovered the KES folders on the hard drive and decided to try to
get rid of the protection. How can they do it, supposing they have
local administrator rights?

Uninstall Kaspersky Endpoint Security

º Terminate the process of Kaspersky Endpoint Security

º Stop the service of Kaspersky Endpoint Security

Uninstall Network Agent and then disable automatic startup of

Kaspersky Endpoint Security 11

38.A commercial license has expired in an organization, and the

money for purchasing a new license will be allocated only in a
month. Which functions of Kaspersky Endpoint Security 11.6 for
Windows will NOT work until the new license is in place?

Virus Scan tasks

º Updates

Real-time protection components

Management via Kaspersky Security Center

[Link] application types does the installer of Kaspersky

Endpoint Security consider incompatible and try to uninstall?

º Third-party antiviruses

@ Third-party firewalls
Third-party backup tools

Third-party remote management tools (such as TeamViewer, VNC,

RemoteAdmin, etc.)
[Link] administrator needs to organize computers from a subnet
into a group. The administrator knows that historically, some of
computers of this subnet receive addresses from the range
[Link] through [Link], and names of other
computers start with ‘PROD’. There are no computers with these
addresses or names anywhere else in the network. How to
configure computer relocation rules?
Create a relocation rule and specify both conditions in it: the range of IP
addresses and the name mask

Create a relocation rule and specify both conditions in it: the range of IP
º addresses and the name mask, and also select the checkbox Apply the
rule if at least one of the conditions is matched

Create two relocation rules for the same group: in one of them, specify
the IP range condition, and in the other one, the name mask

Relocation rules cannot solve this task

[Link] does Host Intrusion Prevention select a trust level fora

program?

º Using information from Kaspersky Security Network

º Using trust levels explicitly specified in the policy

Using a local heuristic algorithm

Using the results of background scanning by the online service

[Link]

42 You want to prohibit the users from starting any browser

except for Internet Explorer. You don't want to block any other
kinds of applications. Which component of Kaspersky Endpoint
Security for Windows is the right tool for the job?

º Application Control

Host Intrusion Prevention

Device Control

Web Control

Adaptive Anomaly Control

 [Link] Kaspersky Security Center 13. Which features or
components provide the data that populate the Executable files
node in the Administration Console?
Kaspersky Security Center Network Agent

º Application Control of Kaspersky Endpoint Security

º The Inventory task of Kaspersky Endpoint Security

The Find vulnerabilities and required updates task of Kaspersky Endpoint

Security

[Link] of the following components of Kaspersky Endpoint

Security for Windows provides proactive defense against
unknown threats by analyzing the sequence of actions performed
by a program?

AMSI Protection Provider

º Behavior Detection

Host Intrusion Prevention

[Link] can you download from the Current application

versions page?
º Distributions of managed applications, such as Kaspersky Endpoint
Security

º Distributions of new versions of Kaspersky Security Center

º Distributions of all applications by Kaspersky

Management plug-ins for the programs

Patches for Kaspersky Security Center components

[Link] can you configure Host Intrusion Prevention to improve

protection against ransomware?

Prohibit starting files from temporary folders and removable drives

Describe documents as a protected resource, and prohibit programs

º with bad (unknown) reputation from performing Write and Delete
operations

Describe documents as a protected resource, and enable automatic

backup for them

Enable the Advanced Disinfection technology

[Link] of the following installation methods does NOT work if
the computer's shared folders are NOT accessible over the
network?
º Remote deployment using Windows resources

Installation from a stand-alone package

Remote installation using Active Directory

Installation using Network Agent

[Link] often do Network Agents synchronize settings with the

Administration Server by default?

Every 5 minutes

º Every 15 minutes

Every 30 minutes

Every 60 minutes

[Link] network is protected with Kaspersky Endpoint Security

11.6 and managed with Kaspersky Security Center 13. The
administrator has disabled showing the application interface to
the users in the policy of Kaspersky Endpoint Security 11.6 for
Windows. What will NOT be hidden from the users?
º Started processes of Kaspersky Endpoint Security

º Started services of Kaspersky Endpoint Security

Kaspersky Endpoint Security in the list of installed programs

Kaspersky Endpoint Security icon in the notification area

Kaspersky Endpoint Security shortcut in the Start menu

[Link] component of Kaspersky Endpoint Security for Windows

except Web Threat Protection takes part in protection against
phishing?

File Threat Protection

º Mail Threat Protection

Web Control

None of the above