Monitor Protection Status and Activity
These questions are based on 70-557 – TS: Microsoft Forefront Client and Server, Configuring
Self Test Software Practice Test
Objective: Monitor protection status and activity.
Sub-objective: Configure default actions.
Multiple answer, multiple-choice.
You are the network administrator for a large telecommunications company. You deploy Forefront Security for SharePoint (FSSP) in your organization. You want FSSP to scan a document named Executives every night at 22:00 hours. You also want to configure FSSP to specify the list of phrases that should never be used by the Executives document.
What should you do? (Choose two.)
- Configure the Manual Scan Job options in the Scan Jobs work pane.
- Create a new file filter list in the Filtering work pane.
- Create a new keyword filter list in the Filtering work pane.
- Configure the Realtime Scan Job options in the Scan Jobs work pane.
A. Configure the Manual Scan Job options in the Scan Jobs work pane.
C. Create a new keyword filter list in the Filtering work pane.
You should create a keyword filter list and configure the Manual Scan Job options to achieve the objective in this scenario. You should configure keyword filtering when you want to filter all files uploaded or downloaded from the SharePoint site based on certain words, phrases and sentences. You should configure the Manual Scan Job when you want to customize the scan job performed by FSSP, such as scanning a specific document, scanning at a specific time or allowing FSSP to use third-party scan engines. Perform the following steps to create a new keyword list:
- Go to Forefront Server Security Administrator Filtering.
- Click the Filter Lists icon.
- In the List Types pane, select the Keywords option.
- In the List Names section, click the Add button.
- Type a desired name for the new list, and then press Enter. The empty list appears in the List Names section.
- Click the Edit button, open the Edit Filter List dialog box and add content to your filter list.
- Click the Add button in the Include In Filter section.
- Type a word or phrase to be included in the filter list, and press Enter when you are finished typing.
- Select the Exclude From Filter option if you want to enter keywords or phrases that should not be included on the keyword list. You can use the Exclude From Filter option to prevent adding words and phrases that you may include accidentally.
- Click OK when you are finished adding items.
- Click Save to save the items included.
When a problem is detected by FSSP on any file uploaded or downloaded to the SharePoint server, you can configure the Manual Scan Job to take necessary actions. The following actions can be configured for a Manual Scan Job in FSSP:
- Skip: detect only: FSSP takes no action when a file matches the keyword filtering criteria. However, FSSP keeps a record of the files that meet the keyword filtering criteria. A notification also is sent to all e-mail addresses specified under the Virus Administrators notification role.
- Block: prevent transfer: FSSP blocks all files that meet the filtering criteria and prevents them from getting transferred from or to the SharePoint site. This action is applicable only to the Realtime Scan Job. You can configure Manual Scan Job options in the FSSP protected server by going to Forefront Server Security Administrator > Settings > Scan Jobs.
You should not create a file filter list and configure the Realtime Scan Job to achieve the objective in this scenario. The file-filtering feature used in Forefront Security for SharePoint enables you to search for documents stored on SharePoint server based on specific name, type or size of the file, and take necessary action when identified. You can configure file filtering to take actions such as delete, quarantine, notify or report when such file is detected. The Realtime Scan Job plays an important role in Forefront Security for SharePoint for protecting a SharePoint server. You can configure a Realtime Scan Job to perform scanning for all files uploaded and downloaded from the SharePoint server.
TechNet > TechNet Library > Forefront Server Security > Forefront Security for SharePoint > Operations > Forefront Security for SharePoint User Guide > Realtime Scan Job > SharePoint Realtime Scan Job