McAfee Certified Product Specialist - ENS (MA0-107) Free Practice Test

Question 1

Organizational security policy requires a host-based firewall on endpoints. Some endpoints have applications where documentation depicting network traffic flows is not readily available. Which of the following ENS
10.5 firewall features should be used to develop rules for their firewall policy?

A. Adaptive Mode

B. Trusted Executables

C. Trusted Networks

D. Location-aware Groups

Correct Answer: C

Question 2

Which of the following fields can an ePO administrator use when creating exclusions for Dynamic Application Containment?

A. Rule

B. File version

C. MD5 hash

D. Certificate

Correct Answer: C

Question 3

An ENS administrator wants to dynamically create firewall rules required for the environment. In Enable Firewall Policies/Options, which of the following should be utilized?

A. Adaptive mode

B. Log all allowed traffic

C. Log all blocked traffic

D. Retain existing user added rules

Correct Answer: C

Question 4

An ENS administrator is configuring on-access protection but finds the trusted backup tool is causing an unneeded performance impact. Which of the following actions should the administrator take?

A. Endpoint Security Threat Prevention Policy Category / Exploit Prevention/Exclusions / Exclude Backup Tool executable

B. Endpoint Security Threat Prevention Policy Category / Threat Prevention Policy Category / Access Protection / Exclusion / Exclude the Backup Tool executable

C. Endpoint Security Threat Prevention Policy Category / On Access scan / Process Settings / Low Risk Processes / Exclude Backup Tool executable

D. Enable McAfee GTI Feedback under Endpoint Security Threat Prevention Policy Category / Options / Proactive Data Analysis

Correct Answer: C

Question 5

A security technician is configuring the exploit prevention policy. Based on best practices for critical servers, which of the following severity levels should the technician configure signatures to block after a requisite period of tuning?

A. Informational

B. Medium

C. High

D. Low

Correct Answer: C

Question 6

An administrator wants to prevent incoming packets until the system reboots fully. Which of the following features should be configured to allow this?

A. Treat McAfee GTI Match as an Intrusion

B. Block All Untrusted Executables

C. Allow Only Outgoing Traffic Until Firewall Services Have Started

D. Allow Bridged Traffic

Correct Answer: C

Question 7

Security operations has recently received indicators of compromise (IOCs) detailing a new piece of malware for which coverage is not available. The threat advisory recommends a list of file paths and registry keys to prevent this new malware from successfully executing. Which of the following ENS 10.5 features should be used to achieve this goal?

A. Web Control

B. Exploit Prevention

C. Access Protection

D. Real Protect

Correct Answer: C

Welcome to TestSimulate

McAfee Certified Product Specialist - ENS (MA0-107) Free Practice Test