Pass the McAfee ISCPS SIEM MA0-104 Questions and answers with CertsForce

Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions
Question # 1:

Where can the ESM event database archive inactive partitions?

Options:

A. Storage on the hard disk of the ESM itself
B. Storage on the hard disk of the backup ESM
C. Storage on the ELM
D. Remote storage connected to the ESM


Question # 2:

The Database Event Monitor (DEM) appliance prevents disclosure of Personally Identifiable Information (PII) by applying which of the following features to those types of information?

Options:

A. Obfuscation masks
B. PII filter masks
C. Sensitive data masks
D. Filter masks


Question # 3:

Which options within the Receiver properties should be selected to configure the device to respond to ICMP echo requests?

Options:

A. Receiver Management\Update Device
B. Receiver Configuration\Interface
C. Connection\Status
D. Key Management\Key Device


Question # 4:

The McAfee Advanced Correlation Engine (ACE) can be deployed in one of two modes, which are?

Options:

A. Threshold and Anomaly.
B. Prevention and Detection.
C. Stateful and Stateless.
D. Historical and Real-Time.


Question # 5:

Which of the following ports is the correct choice for use when configuring the database properties of a McAfee Network Security Platform (NSP) Device Data Source?

Options:

A. 1433
B. 5432
C. 9001
D. 3306


Question # 6:

The configuration of a receiver has recently been modified and issues occur. Which command will collect historical data?

Options:

A. htop
B. getstatsdata
C. snmpget
D. df


Question # 7:

The possibility of both data source Network Interface Cards (NICs) using the shared IP and MAC address at the same time is eliminated by using which of the following?

Options:

A. iSCSI Adapter
B. IPMI Card
C. PCI Adapter
D. SAN Card


Question # 8:

A security administrator is configuring the Enterprise Security Manager (ESM) to comply with corporate security policy and wishes to restrict access to the ESM to certain users and machines. Which of the following actions would accomplish this?

Options:

A. Configure the Access Control List and set up user accounts
B. Define user groups and set permissions based on IP
C. Assign AD users to computer assignment groups
D. Set up local accounts based on IP Zones


Question # 9:

The McAfee SIEM baselines daily events over

Options:

A. three days
B. five days
C. seven days
D. nine days


Question # 10:

Check Point firewalls provide logs to the McAfee SIEM Receiver in which of the following formats?

Options:

A. Syslog
B. Open Platform for Security (OPSEC)
C. McAfee Event Format (MEF)
D. Common Event Format (CEF)

