CertsTopics Logo

Summer Special Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 60certs

McAfee MA0-107 Dumps

Page: 1 / 3
Total 70 questions
Get MA0-107 Full Access Download MA0-107 PDF

McAfee Certified Product Specialist - ENS Questions and Answers

Question 1

Joe, an administrator, runs a policy-based, on-demand scan on a system and notices that after the scan, a threat event was created for what appears to be a false positive. Joe wants to submit the file for analysis to McAfee Labs; but every time he accesses the file, it is detected. In which of the following default locations can Joe find the backups of the detected files?

Options:

A.

%ProgramData%\McAfee\Common Framework\AgentEvents

B.

C:\Quarantine

C.

C:\Windows\Temp\Quarantine

D.

%deflogfir%\Quarantine

Question 2

A company's security posture requires the ENS firewall to be enabled; however, the team is unsure of communication flows in the environment. In which of the following modes should the ePO administrator deploy the firewall policy to achieve flow awareness?

Options:

A.

Adaptive Mode

B.

Interface Mode

C.

Enforce Mode

D.

Observe Mode

Question 3

A user is unable to access a website. The Web Control browser toolbar appears gray. Other websites are accessible. Which of the following features of ENS Web Control has been enabled and is causing the issue?

Options:

A.

Block links to risky sites in the search results.

B.

Block phishing pages for all sites.

C.

Block sites that are not verified by GTI.

D.

Block sites by default if the McAfee GTI ratings server is not reachable.

Question 4

When configuring the Adaptive Threat Protection Options policy, which of the following is a rule assignment group that needs to be selected to accommodate an environment consisting of high-change systems with frequent installations and updates of trusted software?

Options:

A.

Adaptive

B.

Productivity

C.

Balanced

D.

Security

Question 5

For which of the following reasons does ENS 10 store two previous versions of AMCore content?

Options:

A.

To allow for content rollback if it is needed

B.

To allow for comparison of detections between content versions

C.

To allow for backup when an Extra.DAT is deployed

D.

To allow for choice of which content to scan a file against

Question 6

The security team has requested that adaptive threat protection be integrated with a TIE server. Which of the following is required?

Options:

A.

Data Exchange Layer

B.

Advanced Threat Defense

C.

Event Security Manager

D.

Active Response

Question 7

Which of the following is the benefit of a TIE server with regard to the Adaptive Threat Protection module?

Options:

A.

It communicates with McAfee GTI for file and certificate reputation for malicious code.

B.

It is required, and the Adaptive Threat Protection will only work with the TIE server.

C.

The Threat Protection cache flushes when the reputation rules change.

D.

The stored file and certificate reputations are locally stored, making the remediation automatically quicker.

Question 8

An administrator wants to add executables that are monitored with the Exploit Prevention engine. To which of the following policy sections should the executables be added?

Options:

A.

Generic privilege escalation prevention

B.

Exclusions

C.

Signatures

D.

Application protection rules

Question 9

The ePO administrator sees the ENS firewall has been disabled on an endpoint in ePO. The end user states that no changes were made to the McAfee products on the endpoint in question. Which of the following questions should the administrator ask the end user about the McAfee icon to validate that the ENS firewall might be disabled?

Options:

A.

Is the icon flashing/blinking?

B.

Has the endpoint emitted a notification/alert sound (e.g., an error sound)?

C.

Is there a notification bubble displayed in the system notification area?

D.

Is the icon a color gray with a red/white exclamation mark?

Question 10

An administrator wants to allow remote users the ability to access the Internet from unsecure WiFi access points to connect to the VPN. Which of the following ENS 10.5 features should the administrator use to accomplish this?

Options:

A.

Trusted Networks

B.

Location-based Groups

C.

Timed Groups

D.

Connection Isolation Groups

Page: 1 / 3
Total 70 questions
Get MA0-107 Full Access Download MA0-107 PDF