To run file-based scanning on a virtual machine, which service must be installed?

To perform file-based scanning on a virtual machine, the Guest Introspection Service must be installed. This service is specifically designed to enable the deep inspection of files and applications running within the guest operating systems of virtual machines. It operates in conjunction with the Deep Security Agent, allowing for efficient scanning of files without the need for traditional endpoint security measures that may be resource-intensive.

The Guest Introspection Service functions by leveraging hypervisor capabilities to access the virtual machine's file system and processes, facilitating comprehensive security measures such as malware detection and policy compliance. This service is essential for implementing effective file-based protection in virtualized environments.

The other options serve different purposes. The Deep Security Service relates to the overall management and deployment of security policies, while the Network Introspection Service focuses on analyzing network traffic, and NSX Security Policy pertains to broader network security configurations, specifically in VMware NSX environments. Therefore, their functionalities do not directly include the requirements for file-based scanning within virtual machines.