Labour Day Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia
  1. Home
  2. McAfee
  3. ISCPS SIEM
  4. MA0-104
  5. Intel Security Certified Product Specialist Questions and Answers

MA0-104 Sample Questions Answers

Questions 4

Alarms using field match as the condition type allow for selected Actions to be taken when the Alarm condition is met. Which of the following McAfee ePolicy Orchestrator (ePO) Actions can be selected when creating such Alarm?

Options:

A.

Send Events

B.

Collect and Send Properties

C.

Agent Uninstall

D.

Assign Tag with ePO

Buy Now
Questions 5

The ESM supports five Authentication methods. The default login option uses the standard Username and Password format. Which of the following are the other four methods available?

Options:

A.

RADIUS, TACACS+, Active Directory, LDAP.

B.

Active Directory, NTLM, TACACS+, LDAP.

C.

LDAP, Active Directory, RADIUS, CAC.

D.

CAC, LDAP, RADIUS,TACACS+.

Buy Now
Questions 6

The fundamental purpose of the Receiver Correlation Subsystem (RCS) is

Options:

A.

to analyze data from the ESM and detect matching patterns.

B.

to collect and consolidate identical data from the ESM into a single summary event.

C.

to classify or categorize data from the Receiver into related types and sub-types.

D.

to organize, retrieve and archive data from the Receiver into the SIEM database.

Buy Now
Questions 7

The McAfee Advanced Correlation Engine (ACE) can t>e deployed in one of two modes which are.?

Options:

A.

Threshold and Anomaly.

B.

Prevention and Detection.

C.

Stateful and Stateless.

D.

Historical and Real-Time.

Buy Now
Questions 8

When the automated system backup is configured to include events, flows and log data, the first backup will capture all events, flows and logs

Options:

A.

in the ESM database.

B.

in the ESM database older than what is currently held in the Receivers.

C.

inserted in the ESM database on the most recent Receiver poll.

D.

in the ESM database from the current day.

Buy Now
Questions 9

Which options within the Receiver properties should be selected to configure the device to respond to ICMP echo requests?

Options:

A.

Receiver ManagementAUpdate Device

B.

Receiver Configuration\lnterface

C.

Connedion\Status

D.

Key Management Key Device

Buy Now
Questions 10

The Database Event Monitor (DEM) appliance prevents disclosure of Personally Identifiable Information (Pll) by employing which of the following features to those types of information?

Options:

A.

Obfuscation masks

B.

Pll filter masks

C.

Sensitive data masks

D.

Filter masks

Buy Now
Exam Code: MA0-104
Exam Name: Intel Security Certified Product Specialist
Last Update: May 1, 2024
Questions: 70
$64  $159.99
$48  $119.99
$40  $99.99
buy now MA0-104