Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

McAfee MA0-107 - McAfee Certified Product Specialist - ENS

McAfee MA0-107 Premium Access     Download Demo    
Page: 1 / 3
Total 70 questions

A company's security posture requires the ENS firewall to be enabled; however, the team is unsure of communication flows in the environment. In which of the following modes should the ePO administrator deploy the firewall policy to achieve flow awareness?

A.

Adaptive Mode

B.

Interface Mode

C.

Enforce Mode

D.

Observe Mode

A hospital in another county just received a new variant of ransomware that infected 70% of its systems. After learning the characteristics of this ransomware, the security team wants to implement a protection policy to stop certain files from being modified and new registry keys from being created that are relevant to the ransomware. Which of the following policies meets this requirement?

A.

Exploit prevention policy

B.

Block and allow list policy

C.

Access protection policy

D.

Firewall rules policy

A security professional is configuring ENS for a client and wants to ensure applications will be prevented from executing software locally from the browser or email client. Which of the following McAfee-defined rules should be implemented?

A.

Creating new executable files in the Windows folder

B.

Installing browser helper objects or shell extensions

C.

Registering programs to autorun

D.

Running files from common user folders by common programs

An administrator wants to exclude folder ABC on various drives. In which of the following ways should the administrator list the exclusion in the policy?

A.

??\ABC

B.

**\ABC

C.

***\ABC

D.

???\ABC

The ePO administrator sees the ENS firewall has been disabled on an endpoint in ePO. The end user states that no changes were made to the McAfee products on the endpoint in question. Which of the following questions should the administrator ask the end user about the McAfee icon to validate that the ENS firewall might be disabled?

A.

Is the icon flashing/blinking?

B.

Has the endpoint emitted a notification/alert sound (e.g., an error sound)?

C.

Is there a notification bubble displayed in the system notification area?

D.

Is the icon a color gray with a red/white exclamation mark?

Which of the following items are sent to the cloud when Real Protect scanning is enabled on endpoints that are connected to the Internet?

A.

System information

B.

Running process

C.

Behavioral information

D.

File reputation

An administrator suspects that Self Protection is preventing local installation of a patch. Which of the following log levels should the administrator review?

A.

Event logging

B.

Debug logging

C.

Activity logging

D.

High severity logging

An ENS administrator wants to dynamically create firewall rules required for the environment. In Enable Firewall Policies/Options, which of the following should be utilized?

A.

Retain existing user added rules

B.

Adaptive mode

C.

Log all blocked traffic

D.

Log all allowed traffic

An administrator wants to prevent incoming packets until the system reboots fully. Which of the following features should be configured to allow this?

A.

Treat McAfee GTI Match as an Intrusion

B.

Allow Bridged Traffic

C.

Allow Only Outgoing Traffic Until Firewall Services Have Started

D.

Block All Untrusted Executables

An administrator wants to allow remote users the ability to access the Internet from unsecure WiFi access points to connect to the VPN. Which of the following ENS 10.5 features should the administrator use to accomplish this?

A.

Trusted Networks

B.

Location-based Groups

C.

Timed Groups

D.

Connection Isolation Groups