Skip to main content

VMCE Practice Question - 23 April 2024

coolsport00
Forum|alt.badge.img+20

Here we are again...another VMCE Practice Question. Are you ready??

Not sure if you saw one of my comments on a previous question from last week, but if you’re following along, you know I shared in a comment I will begin posting the VMCE Practice Questions on definitive days of the week → on Tuesdays and Thursdays; then I’ll provide the answers and links to both questions on Friday. That way you all can anticipate when the follow-ups/answers will be to check your responses.

Questions will begin to get a bit more difficult. So, for today’s question:

 

Your director wants to make sure the organization is more apt to recover data in the event of a malware incident. You share with her Veeam now has the ability to scan backups for malware. Your director gives the ok for you to enable the File System Analysis option. After a couple backup jobs run, you want to review logs to see if Veeam detected anything, but you're not able to find the Malware_Detection_Logs folder in the ProgramData directory. Why may this behavior occur?

  1. Backup jobs do not have Guest File System Indexing enabled
  2. The File System Analysis engine doesn't have a Malware_Detection_Logs folder
  3. You do not have sufficient privileges to view File System Analysis logs
  4. Inline Entropy Scan was not enabled
Shane Williford - Veeam VMCA/VMCE | Veeam Legend | VUG Leader | VCP-DCV | Twitter: @coolsport00

9 comments

E
Forum|alt.badge.img+3
  • Epicfailing
  • Veeam Legend
  • 91 comments
  • April 23, 2024
  1. Inline Entropy Scan was not enabled
Danny de Heer - Veeam VMCE2021/2024 | Veeam Legend 2*
coolsport00
BethSouza
2 people like this
  • coolsport00
    coolsport00
  • BethSouza
    BethSouza
Chris.Childerhose
Forum|alt.badge.img+21
  • Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8497 comments
  • April 23, 2024

The answer is - 

  1. Backup jobs do not have Guest File System Indexing enabled

 

Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | vExpert 6* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
coolsport00
BethSouza
Copernicus42
4 people like this
  • coolsport00
    coolsport00
  • BethSouza
    BethSouza
  • Copernicus42
    Copernicus42
  • B
    Bruno_França
E
Forum|alt.badge.img+3
  • Epicfailing
  • Veeam Legend
  • 91 comments
  • April 23, 2024

Hmm i thought it wasnt neccesary for indexing to be enabled to use malware scanning.

https://helpcenter.veeam.com/docs/backup/hyperv/malware_detection_methods.html?ver=120

ah well, something learned today ;)

Danny de Heer - Veeam VMCE2021/2024 | Veeam Legend 2*
Chris.Childerhose
coolsport00
2 people like this
  • Chris.Childerhose
    Chris.Childerhose
  • coolsport00
    coolsport00
JMeixner
Forum|alt.badge.img+17
  • JMeixner
  • On the path to Greatness
  • 2650 comments
  • April 23, 2024

We had enabled both options and didn't have the folder Malware_Detection_Logs…

Is it created after something was found only?

Jochen (Joe) Meixner | Veeam Vanguard 2024 | Veeam Legend 2021 - 2024 | Veeam Certified Architect (VMCA) | Twitter: @JoMeix | BlueSky: @jmeixner.bsky.social
coolsport00
vAdmin
2 people like this
  • coolsport00
    coolsport00
  • vAdmin
    vAdmin
vAdmin
Forum|alt.badge.img+2
  • vAdmin
  • Influencer
  • 168 comments
  • April 24, 2024
JMeixner wrote:

We had enabled both options and didn't have the folder Malware_Detection_Logs…

Is it created after something was found only?

Wow, that could also be the reason @JMeixner .

Microsoft Azure Solutions Architect Expert, VMware Certified Professional - DCV 7, Citrix Certified Professional Virtualization (CCP-V), ITIL Practitioner
Chris.Childerhose
coolsport00
2 people like this
  • Chris.Childerhose
    Chris.Childerhose
  • coolsport00
    coolsport00
vAdmin
Forum|alt.badge.img+2
  • vAdmin
  • Influencer
  • 168 comments
  • April 24, 2024
  1. Backup jobs do not have Guest File System Indexing enabled

 

Microsoft Azure Solutions Architect Expert, VMware Certified Professional - DCV 7, Citrix Certified Professional Virtualization (CCP-V), ITIL Practitioner
Chris.Childerhose
coolsport00
2 people like this
  • Chris.Childerhose
    Chris.Childerhose
  • coolsport00
    coolsport00
M
Forum|alt.badge.img+1
  • messher
  • Comes here often
  • 27 comments
  • April 24, 2024

It’s a) Backup jobs do not have Guest File System Indexing enabled

Chris.Childerhose
coolsport00
2 people like this
  • Chris.Childerhose
    Chris.Childerhose
  • coolsport00
    coolsport00
coolsport00
Forum|alt.badge.img+20
  • coolsport00
  • Author
  • Veeam Legend
  • 4145 comments
  • April 26, 2024

And, the answer is???…………..

 

Show content

Yes, it is A. GREAT job for those who got it correct! Chris provided a screenshot (thank you, Chris), but the User Guide link is:

https://helpcenter.veeam.com/docs/backup/vsphere/malware_detection_guest_index_enable.html?ver=120

JMeixner wrote:

We had enabled both options and didn't have the folder Malware_Detection_Logs…

Is it created after something was found only?


And @JMeixner - you are correct, as well. The only thing about that is this wasn’t a possible answer. But if it was, it would be correct. And though it doesn’t explicitly say ‘folder is created only if malware was detected/found’, you can infer that from what is stated in the Guide → From the User Guide:

“Information about detected malware activity is stored in malware detection logs. The path by default: C:\ProgramData\Veeam\Backup\Malware_Detection_Logs.
Last paragraph at the following link:

https://helpcenter.veeam.com/docs/backup/hyperv/malware_detection_guest_index_hiw.html?ver=120


Well done everyone!

 

Shane Williford - Veeam VMCA/VMCE | Veeam Legend | VUG Leader | VCP-DCV | Twitter: @coolsport00
Chris.Childerhose
1 person likes this
  • Chris.Childerhose
    Chris.Childerhose
Chris.Childerhose
Forum|alt.badge.img+21
  • Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • 8497 comments
  • April 26, 2024

Thanks.  Figured it would help with understanding the question and answer.  😁

Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | vExpert 6* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
coolsport00
1 person likes this
  • coolsport00
    coolsport00

Comment


Terms & Conditions