Explanation
The Scan for Recommendations feature in Deep Security does not recommend Log Inspection rules; it recommends rules for modules such as Intrusion Prevention, Firewall, and Integrity Monitoring.
Log Inspection recommendations must be manually configured or imported.
All other statements (A, B, C) are true.
From the official documentation:
"Scan for Recommendations identifies applicable Intrusion Prevention, Integrity Monitoring, and Firewall rules. It does not suggest Log Inspection rules."
"Custom log inspection rules can be created using OSSEC-compatible syntax."
"Deep Security Manager collects Log Inspection events from agents during the heartbeat process."
"Log Inspection is supported in agent-based and agentless deployments (with VMware)."
[References:, , Trend Micro Deep Security 20 LTS Administrator’s Guide — Log Inspection, , Scan for Recommendations — Deep Security Help]
