Summer Certification Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
McAfee
McAfee Certified Product Specialist
MA0-107
McAfee Certified Product Specialist - ENS Questions and Answers

Pass the McAfee Certified Product Specialist MA0-107 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam MA0-107 Premium Access

View all detail and faqs for the MA0-107 exam

Go to Exam

711 Students Passed

85% Average Score

95% Same Questions

Viewing page 2 out of 3 pages

Viewing questions 11-20 out of questions

Questions # 11:

On Windows 8 and 10 machines, Windows places a flag in the tile of an app, causing Windows to notify the user of a problem and directing the user to the Windows Store to reinstall. This flag is placed on the tile when the Threat Prevention scanner detects a threat in the path of an installed Windows Store app, and marks the application as:

Options:

malicious.

suspicious.

questionable.

tampered.

Answer

Questions # 12:

The security team has requested that adaptive threat protection be integrated with a TIE server. Which of the following is required?

Options:

Data Exchange Layer

Advanced Threat Defense

Event Security Manager

Active Response

Answer

Questions # 13:

In Web Control, "Enable Web Category blocking of restricted content" is enforced. Which of the following describes the result if a user enters a restricted site?

Options:

The color is gray, and access is denied.

The pop-up color is red, and access is denied.

The color is orange, and access is denied.

The pop-up color is blue, and access denied.

Answer

Questions # 14:

An ENS administrator wants to dynamically create firewall rules required for the environment. In Enable Firewall Policies/Options, which of the following should be utilized?

Options:

Retain existing user added rules

Adaptive mode

Log all blocked traffic

Log all allowed traffic

Answer

Questions # 15:

In which of the following ways would ATP determine the reputation information if Adaptive Threat Protection (ATP) is deployed and neither a TIE server nor an Internet connection is available?

Options:

ATP will use information from the local system.

ATP will query other systems in the environment.

ATP will do nothing and auto-disable itself.

ATP will prompt the user for manual input.

Answer

Questions # 16:

Which of the following is the benefit of a TIE server with regard to the Adaptive Threat Protection module?

Options:

It communicates with McAfee GTI for file and certificate reputation for malicious code.

It is required, and the Adaptive Threat Protection will only work with the TIE server.

The Threat Protection cache flushes when the reputation rules change.

The stored file and certificate reputations are locally stored, making the remediation automatically quicker.

Answer

Questions # 17:

Security operations has recently received indicators of compromise (IOCs) detailing a new piece of malware for which coverage is not available. The threat advisory recommends a list of file paths and registry keys to prevent this new malware from successfully executing. Which of the following ENS 10.5 features should be used to achieve this goal?

Options:

Web Control

Exploit Prevention

Real Protect

Access Protection

Answer

Questions # 18:

A company's security posture requires the ENS firewall to be enabled; however, the team is unsure of communication flows in the environment. In which of the following modes should the ePO administrator deploy the firewall policy to achieve flow awareness?

Options:

Adaptive Mode

Interface Mode

Enforce Mode

Observe Mode

Answer

Questions # 19:

An administrator wants to add executables that are monitored with the Exploit Prevention engine. To which of the following policy sections should the executables be added?