McAfee MA0-104 Exam Questions

Question 6 of 70

Which of the following security technologies sits inline on the network and prevents attacks based on signatures and behavioral analysis that can be configured as a data source within the SIEM?

A.

Firewall

B.

Email Gateway

C.

Host Intrusion Prevention System

D.

Network Intrusion Prevention System

Question 7 of 70

Analysts can effectively use the McAfee SIEM to identify threats by

A.

focusing on aggregated and correlated events data.

B.

disabling aggregation, so all data are visible.

C.

studying ELM archives, to analyze the original data.

D.

use the streaming event viewer to analyze data.

Question 8 of 70

If there is no firewall at the border of the network, which of the following could be used to simulate the protection a firewall provides?

A.

Load balancer

B.

Router Access Control List (ACL)

C.

Switch port blocking

D.

An email gateway

Question 9 of 70

When viewing the Policy Tree, what four columns are displayed within the Rules Display pane?

A.

Action, Severity, Aggregation, Copy Packet

B.

Action, Severity, Normalization, Copy Packet

C.

Action, Severity, Aggregation, Drop Packet

D.

Enable, Severity, Aggregation, Copy Packet

Question 10 of 70

An organization notices an increasing number of ESM concurrent connection events. To mitigate risks related to concurrent sessions which action should the organization take?

A.

Increase the concurrent session alarm threshold

B.

Decrease the console timeout value

C.

Increase the number of the concurrent sessions allowed

D.

Customize the login page with the organization’s logo