Directory Image
This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.

MA0-104 Exam Questions & Answers

Author: Monika Bergmann
by Monika Bergmann
Posted: Nov 04, 2016

Question: 1

The historical ACE function allows the user to perform retrospective correlations on older data. In which of the following devices is the data located that the historical correlation engine uses?

A. ELM

B. REC

C. ADM

D. ESM

Answer: A

Question: 2

When preparing to apply a patch to the Enterprise Security Manager (ESM) and completing the ESM checklist, the command cat/proc7mdstat has been issued to determine RAID functionally The system returns an active drive result identified as [U J What action should be taken?

A. Apply the patch, this is a properly functional RAID which can be upgraded.

B. Apply the patch, drive 1 is active and can be upgraded.

C. Apply the patch, drive 2 is active and can be upgraded.

D. Contact support before proceeding with the upgrade.

Answer: D

Question: 3

The McAfee Advanced Correlation Engine (ACE) can t>e deployed in one of two modes which are.?

A. Threshold and Anomaly.

B. Prevention and Detection.

C. Stateful and Stateless.

D. Historical and Real-Time.

Answer: D

Question: 4

The Database Event Monitor (DEM) appliance prevents disclosure of Personally Identifiable Information (Pll) by employing which of the following features to those types of information?

A. Obfuscation masks

B. Pll filter masks

C. Sensitive data masks

D. Filter masks

Answer: C

Question: 5

One or more storage allocations, which together specify a total amount of storage, coupled with a data retention time that specifies the maximum number of days a log is to be stored, is known as a

A. Storage Volume.

B. Storage Pool.

C. Storage Device.

D. Storage Area Network (SAN).

Answer: B

Question: 6

Which of the following security technologies sits inline on the network and prevents attacks based on signatures and behavioral analysis that can be configured as a data source within the SIEM?

A. Firewall

B. Email Gateway

C. Host Intrusion Prevention System

D. Network Intrusion Prevention System

Answer: D

Question: 7

Analysts can effectively use the McAfee SIEM to identify threats by?

A. focusing on aggregated and correlated events data.

B. disabling aggregation, so all data are visible.

C. studying ELM archives, to analyze the original data

D. use the streaming event viewer to analyze data.

Answer: A

About the Author

Ou can buy and download our downloadable 712-50 material for 712-50 EC-Council Certified CISO (CCISO) exam quite easily. Just add this study material to your cart, enter your billing information and once you have completed the purchase process

Rate this Article
Leave a Comment
Author Thumbnail
I Agree:
Comment 
Pictures
Author: Monika Bergmann

Monika Bergmann

Member since: Oct 13, 2016
Published articles: 44

Related Articles

MA0-100: Intel Security Certified Product Specialist—ePO

Overview: The Exam MA0-100, titled as Intel Security Certified Product Specialist Exam, forms a part of the Intel Security Certification...

  Eugene a. Hilson
Information about Din rail fiber patch panel – Unisol Communications

For fiber management, the Din rail fiber patch panel is an integrated unit, Inside the box as well as to fix these equipment functions and...

  Thahaseen Haseen
Industrial Automation and Applications of Din rail patch panel – Unisol Communications

Din rail patch panels are used in industries as it has a compact and rugged design case.Din rail patch panels are the perfect choice for...

  Thahaseen Haseen