New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

McAfee MA0-104 Intel Security Certified Product Specialist Exam Practice Test

Page: 1 / 7
Total 70 questions

Intel Security Certified Product Specialist Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Question 1

With regard to Data Source configuration and event collection what does the acronym CEF stand for?

Options:

A.

Correlation Event Framing

B.

Common Event Format

C.

Common Event Framing

D.

Condition Event Format

Question 2

Which of the following are the three default users defined within the Users and Groups option in the ESM properties?

Options:

A.

NGCP, POLICY, REPORT

B.

NGCP, BACKUP, REPORT

C.

ADMIN, POLICY, REPORT

D.

NGCP, SYSTEM, REPORT

Question 3

What Firewall component is natively used by the McAfee SIEM appliances to protect the appliances from unauthorized communications?

Options:

A.

Iptables

B.

McAfee Host Intrusion Prevention System (HIPS)

C.

Linux Firewall

D.

Access Control List (ACL)

Question 4

Which of the following is the default port used to communicate between McAfee SIEM devices?

Options:

A.

22

B.

222

C.

21

D.

211

Question 5

Which of the following ports is the correct choice for use when configuring the database properties of a McAfee Network Security Platform (NSP) Device Data Source?

Options:

A.

1433

B.

5432

C.

9001

D.

3306

Question 6

Which authentication methods can be configured to control alarm management privileges?

Options:

A.

SNMP

B.

SSH Key Pair

C.

Active Directory

D.

Access Groups

Question 7

Analysts can effectively use the McAfee SIEM to identify threats by ?

Options:

A.

focusing on aggregated and correlated events data.

B.

disabling aggregation, so all data are visible.

C.

studying ELM archives, to analyze the original data

D.

use the streaming event viewer to analyze data.

Question 8

A backup of the ELM management database captures

Options:

A.

ELM configuration settings

B.

ELM configuration settings, and the ELM archive index

C.

ELM configuration settings, the ELM archive index, and all archived ELM contents.

D.

ELM configuration settings, the ELM archive index, and all archived ELM contents up to the ESM database retention limit.

Question 9

Event Aggregation is performed on which of the following fields?

Options:

A.

Signature ID, Destination IP, User ID

B.

Source IP, Destination IP, User ID

C.

Signature ID, Source IP, Destination IP

D.

Signature ID, Source IP, User ID

Question 10

When preparing to apply a patch to the Enterprise Security Manager (ESM) and completing the ESM checklist, the command cat/proc7mdstat has been issued to determine RAID functionally The system returns an active drive result identified as [U J What action should be taken?

Options:

A.

Apply the patch, this is a properly functional RAID which can be upgraded.

B.

Apply the patch, drive 1 is active and can be upgraded.

C.

Apply the patch, drive 2 is active and can be upgraded.

D.

Contact support before proceeding with the upgrade.

Page: 1 / 7
Total 70 questions