
McAfee MA0-104 Intel Security Certified Product Specialist Exam Practice Test

Page: 1 / 7
Total 70 questions

Intel Security Certified Product Specialist Questions and Answers

Question 1

In the context of McAfee SIEM, the local protected network address space is a variable referred to as

Options:

A. TRUSTED_NET

B. INTERNAL_NET

C. EXTERNAL_NET

D. HOME_NET

Question 2

The McAfee Enterprise Security Manager (ESM) system clock is set to

Options:

A. International Date Line West.

B. Daylight Savings Offset.

C. Greenwich Mean Time.

D. Geo-Location.

Question 3

Internet perimeter firewall data-sources provide excellent visibility into

Options:

A. backbone Intrusion Prevention System (IPS) detections.

B. server misbehavior.

C. inbound port scans.

D. client patch level.

Question 4

A McAfee Event Receiver (ERC) will allow for how many Correlation Data Sources to be configured?

Options:

A. 1

B. 3

C. 5

D. 10

Question 5

What firewall component is natively used by the McAfee SIEM appliances to protect the appliances from unauthorized communications?

Options:

A. Iptables

B. McAfee Host Intrusion Prevention System (HIPS)

C. Linux Firewall

D. Access Control List (ACL)

Question 6

When writing custom correlation rules, the analyst should focus on

Options:

A. multiple security controls and events specific to the environment.

B. any one specific high-quality indicator of compromise.

C. malware alerts announced by industry security groups.

D. firewall events, as they provide the first indication of a compromise.

Question 7

Alarms using field match as the condition type allow for selected Actions to be taken when the Alarm condition is met. Which of the following McAfee ePolicy Orchestrator (ePO) Actions can be selected when creating such an Alarm?

Options:

A. Send Events

B. Collect and Send Properties

C. Agent Uninstall

D. Assign Tag with ePO

Question 8

The primary function of the Application Data Monitor (ADM) appliance is to decode traffic at layer

Options:

A. one for inspection.

B. three for inspection.

C. five for inspection.

D. seven for inspection.

Question 9

Which of the following ports is the correct choice for use when configuring the database properties of a McAfee Network Security Platform (NSP) Device Data Source?

Options:

A. 1433

B. 5432

C. 9001

D. 3306

Question 10

The ESM database is unavailable for use during

Options:

A. a configuration backup.

B. a full backup.

C. archiving of inactive partitions.

D. synchronization with the redundant ESM.
