Question # 4

A security administrator is configuring the Enterprise Security Manager (ESM) to comply with corporate security policy and wishes to restrict access to the ESM to certain users and machines. Which of the following actions would accomplish this?

A. Configure the Access Control List and set up user accounts
B. Define user groups and set permissions based on IP
C. Assign AD users to computer assignment groups
D. Set up local accounts based on IP Zones

Question # 5

Which of the following statements about Client Data Sources is TRUE?

A. They will have VIPS, Policy and Agent rights.
B. They will be displayed on the Receiver Properties > Data Sources table.
C. They will appear on the System Navigation tree.
D. They can have independent time zones.

Question # 6

When viewing the Policy Tree, what four columns are displayed within the Rules Display pane?

A. Action, Severity, Aggregation, Copy Packet
B. Action, Severity, Normalization, Copy Packet
C. Action, Severity, Aggregation, Drop Packet
D. Enable, Severity, Aggregation, Copy Packet

Question # 7

What Firewall component is natively used by the McAfee SIEM appliances to protect the appliances from unauthorized communications?

A. Iptables
B. McAfee Host Intrusion Prevention System (HIPS)
C. Linux Firewall
D. Access Control List (ACL)

Question # 8

An organization notices an increasing number of ESM concurrent connection events. To mitigate risks related to concurrent sessions, which action should the organization take?

A. Increase the concurrent session alarm threshold
B. Decrease the console timeout value
C. Increase the number of the concurrent sessions allowed
D. Customize the login page with the organization's logo

Question # 9

The normalization value assigned to each data-source event allows

A. increased usability via views based on category rather than signature ID
B. more efficient parsing of each event by the McAfee SIEM Receiver.
C. quicker ELM searches
D. the McAfee ESM database to retain fewer events overall.

Question # 10

The possibility of both data source Network Interface Cards (NICs) using the shared IP and MAC address at the same time is eliminated by using which of the following?

A. iSCSI Adapter
B. IPMI Card
C. PCI Adapter
D. SAN Card
