Download Intel Security Certified Product Specialist.MA0-104.PracticeTest.2018-08-08.37q.vcex

Vendor: McAfee
Exam Code: MA0-104
Exam Name: Intel Security Certified Product Specialist
Date: Aug 08, 2018
File Size: 21 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
Analysts can effectively use the McAfee SIEM to identify threats by
  1. focusing on aggregated and correlated events data.
  2. disabling aggregation, so all data are visible.
  3. studying ELM archives, to analyze the original data.
  4. use the streaming event viewer to analyze data.
Correct answer: A
Question 2
If there is no firewall at the border of the network, which of the following could be used to simulate the protection a firewall provides?
  1. Load balancer
  2. Router Access Control List (ACL)
  3. Switch port blocking
  4. An email gateway
Correct answer: B
Question 3
When viewing the Policy Tree, what four columns are displayed within the Rules Display pane?
  1. Action, Severity, Aggregation, Copy Packet
  2. Action, Severity, Normalization, Copy Packet
  3. Action, Severity, Aggregation, Drop Packet
  4. Enable, Severity, Aggregation, Copy Packet
Correct answer: A
Explanation:
References:https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/25000/PD25748/en_US/esm_950_pg_0-00_en-us.pdf Page: 287
References:
https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/25000/PD25748/en_US/esm_950_pg_0-00_en-us.pdf Page: 287
Question 4
An organization notices an increasing number of ESM concurrent connection events. To mitigate risks related to concurrent sessions which action should the organization take?
  1. Increase the concurrent session alarm threshold
  2. Decrease the console timeout value
  3. Increase the number of the concurrent sessions allowed
  4. Customize the login page with the organization’s logo
Correct answer: B
Question 5
Alarms using field match as the condition type allow for selected Actions to be taken when the Alarm condition is met. 
Which of the following McAfee ePolicy Orchestrator (ePO) Actions can be selected when creating such Alarm?
  1. Send Events
  2. Collect and Send Properties
  3. Agent Uninstall
  4. Assign Tag with ePO
Correct answer: D
Explanation:
References:https://community.mcafee.com/docs/DOC-6061
References:
https://community.mcafee.com/docs/DOC-6061
Question 6
A SIEM can be effectively used to identify active threats from internal systems by monitoring/correlating events that occur
  1. when no one is logged in; for example, after hours or on weekends.
  2. across an unusual range of ports or destinations; for example, all high ports.
  3. irregularly; for example, only on Fridays, or only at end-of-quarter.
  4. in accordance with expected systems use.
Correct answer: D
Question 7
While investigating beaconing Malware, an analyst can narrow the search quickly by using which of the following watchlists in the McAfee SIEM?
  1. MTIE Suspicious and Malicious
  2. TSI Suspicious and Malicious
  3. GTI Suspicious and Malicious
  4. MTI Suspicious and Malicious
Correct answer: C
Question 8
A backup of the ELM management database captures
  1. ELM configuration settings
  2. ELM configuration settings, and the ELM archive index.
  3. ELM configuration settings, the ELM archive index, and all archived ELM contents.
  4. ELM configuration settings, the ELM archive index, and all archived ELM contents up to the ESM database retention limit.
Correct answer: B
Question 9
Which of the following is the name of the Dashboard View that shows correlated events for the selected Data Source?
  1. Default Summary
  2. Normalized Dashboard
  3. Incidents Dashboard
  4. Triggered Alarms
Correct answer: A
Question 10
The McAfee SIEM solution satisfies which of the following compliance requirements?
  1. Continuous monitoring, Log retention
  2. Personally Identifiable Information (PII) protection
  3. Payment Card Industry/ Data Security Standard (PCI/ DSS) protection
  4. Patch management automation
Correct answer: A
Explanation:
References:http://www.mcafee.com/uk/resources/solution-briefs/sb-compliance-made-easy.pdf
References:
http://www.mcafee.com/uk/resources/solution-briefs/sb-compliance-made-easy.pdf
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!