March Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

McAfee MA0-107 McAfee Certified Product Specialist - ENS Exam Practice Test

Demo: 10 questions
Total 70 questions

McAfee Certified Product Specialist - ENS Questions and Answers

Question 1

An administrator wants to see more details about recent activity on an endpoint than what is shown in the ENS console. In which of the following locations can the administrator view the log files?

Options:

A.

%ProgramFiles%\McAfee\Logs

B.

%ProgramFiles%\McAfee\Endpoint Security\Logs

C.

%ProgramData%\McAfee\Endpoint Security\Logs

D.

%ProgramData%\McAfee\Logs

Question 2

The ENS administrator wants to monitor remotely the modification of files, but BigFix.exe is generating many false positives. Which of the following should the ENS administrator do?

Options:

A.

Exclude the file under Threat Prevention / Access Protection / Remotely creating or modifying Files or Folders.

B.

Add the file as a High Risk Process under Threat Prevention / On Access Scan / Process settings.

C.

Exclude the file under Common Options / Self Protection.

D.

Add the file under Threat Prevention / Options/ Exclusions by detection name.

Question 3

On Windows 8 and 10 machines, Windows places a flag in the tile of an app, causing Windows to notify the user of a problem and directing the user to the Windows Store to reinstall. This flag is placed on the tile when the Threat Prevention scanner detects a threat in the path of an installed Windows Store app, and marks the application as:

Options:

A.

malicious.

B.

suspicious.

C.

questionable.

D.

tampered.

Question 4

An ePO administrator needs to add exclusions for a folder. The folder has been created in several locations, including C:\Program Files\Custom\Acme or C:\Program Files\Acme, but the folder could be located in other subfolders in the Program Files folder. Which of the following is the correct way to write an exclusion for the Acme folder?

Options:

A.

\Program Files\?\Acme

B.

\Program Files\**\Acme

C.

\Program Files\*\Acme

D.

\Program Files\??\Acme

Question 5

An engineer needs to allow a specific application to run. The engineer just finished creating an Exploit Prevention process exclusion. After applying the exclusion, the engineer notices the application is not being run. The following information is provided to the engineer:

Which of the following is the error with the engineer's exclusion?

Options:

A.

A signature ID was not entered.

B.

Exclusions are case sensitive.

C.

A hash was not specified.

D.

Wildcard was not used.

Question 6

Which of the following methods should an administrator enable to address possible buffer overflow conditions?

Options:

A.

On-demand Scan

B.

Exploit Prevention

C.

Access Protection rules

D.

McAfee GTI feedback

Question 7

A security technician is configuring the exploit prevention policy. Based on best practices for critical servers, which of the following severity levels should the technician configure signatures to block after a requisite period of tuning?

Options:

A.

Low

B.

High

C.

Informational

D.

Medium

Question 8

An ENS administrator is configuring on-access protection but finds the trusted backup tool is causing an unneeded performance impact. Which of the following actions should the administrator take?

Options:

A.

Endpoint Security Threat Prevention Policy Category / Threat Prevention Policy Category / Access Protection / Exclusion / Exclude the Backup Tool executable

B.

Endpoint Security Threat Prevention Policy Category / Exploit Prevention/Exclusions / Exclude Backup Tool executable

C.

Endpoint Security Threat Prevention Policy Category / On Access scan / Process Settings / Low Risk Processes / Exclude Backup Tool executable

D.

Enable McAfee GTI Feedback under Endpoint Security Threat Prevention Policy Category / Options / Proactive Data Analysis

Question 9

An administrator wants to allow remote users the ability to access the Internet from unsecure WiFi access points to connect to the VPN. Which of the following ENS 10.5 features should the administrator use to accomplish this?

Options:

A.

Trusted Networks

B.

Location-based Groups

C.

Timed Groups

D.

Connection Isolation Groups

Question 10

Which of the following items are sent to the cloud when Real Protect scanning is enabled on endpoints that are connected to the Internet?

Options:

A.

System information

B.

Running process

C.

Behavioral information

D.

File reputation

Demo: 10 questions
Total 70 questions