DISA HBSS 201 Admin ePO5.1 (2014 Version)

¡Supera tus tareas y exámenes ahora con Quizwiz!

What is the default password for unlocking the client user interface when troubleshooting the McAfee HIPS client?

abcde12345

How do you uninstall the HIPS client for Windows from a managed system?

-Configure the IPS Options policy to disable IPS; Configure the McAfee Agent deployment task to remove the HIPS client. -Remove the HIPS client package from the ePO Master repository and initiate the McAfee Agent wakeup call. -Configure the McAfee Agent Update task to uninstall the HIPS client and initiate the McAfee Agent wakeup call. -Remove the Extension from the ePO server and initiate the McAfee Agent wakeup call.

Prior to imaging the system the registry entry for the McAfee Agent; which line should be deleted?

-HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePO\Agent\EpoGUID -HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePO\Agent\CMA GUID -HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePO\Agent\Agent SID -HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePO\Agent\AgentGUID

Which statement best defines Application Shielding in HIPS?

A. Applications; system registry and services are locked down against malicious activity. B. Applications are not permitted to access data; registry and services outside their own application envelope.- Wrong C. Applications are prevented from communicating with any network services that are not defined by the administrator. D. Applications can only hook to the processes that match the digital signature imported into HIPS.

From this list select the format that you cannot export your query results to.

A. CSV B. DOC C. XML- Wrong D. HTML E. PDF Dunno?

To verify that the IP address sorting criteria that has not been configured to overlap between different groups; you can use which of the following options?

A. Combined IP Integrity B. Check IP Integrity C. Check IP Groups D. Display IP Sorting- Wrong

To manually move a system from one group to another; you do which two things with the system to move it to the other group?

A. Drag and drop B. Copy and paste C. Right click and move- Wrong D. Left click and move

The Agent to Server Communication for the McAfee Agent is encrypted using which of the following?

A. IPSEC- Wrong B. SPIPE C. TLS- Correct D. HTTP

Which of the following is not a protection level defined in the IPS Protection Policy?

A. Ignore- Wrong B. Allow C. Log D. Prevent

Which statement is true concerning the ePO console?

A. It is web based and designed completely in HTML and JavaScript. B. It is a stand alone application and uses Java code. C. It utilizes the Microsoft Management Console MMC.- Wrong D. It provides remote consoles that can be installed on UNIX platforms.

Public Queries exist in which of the following lists?

A. Public Groups B. Shared Groups C. My Groups- Correct D. Query Groups- Wrong

Which IPS policy determines what options are available to a client computer with a HIPS client; including; whether or not the client icon appears in the system tray; types of intrusion alerts; and password to allow access to the client user interface?

A. Server UI B. Policy Settings- Wrong C. Client GUI D. Client UI

The Client Task Catalog allows you to create which of the following?

A. Server task objects B. Client task objects C. Client task rules- Wrong D. Client task profiles

Which of the following is a valid statement regarding the task of managing policies in ePO?

A. The only way to apply an existing policy to a node in the ePO tree is through inheritance. B. When you assign a new policy to a particular group of the Directory; then all systems under that group with inheritance intact will inherit the new policy. C. Policies that have been duplicated can only be applied to the Directory level in the ePO console. D. Policies cannot be exported or imported from one ePO server to another ePO server.- Wrong

Select the ePolicy Orchestrator component that caches policies to reduce database reads and speed up ASCI time.

A. Tomcat- Wrong B. Apache C. Event Parser D. McAfee Agent

Each Firewall Rule provides a set of conditions that which of the following has to meet?

A. Users B. Computers C. Traffic D. Protocols- Wrong

Which ePO user listed below can create and edit tags in ePO?

Administrator

If a connection is in the state table; what action will occur with future traffic for that connection?

Allow

Select the ePolicy Orchestrator component that provides the UI of the System tree; sorting of nodes; tags and policies.

Apache

What can be created to prevent interpreting a normal behavior as an attack?

Exception

Which of the following can be created to prevent interpreting a normal behavior as an attack?

Exception

What are the four main types of Permission Sets in ePO?

Executive Reviewer; Global Reviewer; Group Admin; Group Reviewer

What column is not displayed in the Audit Log?

Failure

Which executable runs the main HIPS service?

Firesvc.exe

What are the four severity levels of signature in HIPS?

High, Medium, Low, Informational

Which is not a type of IPS Signature?

Host Signatures Custom Host Signatures- Wrong Network Signatures Global Signatures

Assume three IPS policies are applied to a node; 1 default and 2 custom. The default severity level is set to HIGH; 1 custom severity level is set to LOW and the other custom is set to MEDIUM. What is the effective severity level outcome for the applied policy?

Low Med High- Wrong Least Restrictive

Which ePO component gathers the events from the managed systems and communicates them to the ePO server?

McAfee Agent

Which ePO core component enforces the policies on the systems?

McAfee Agent

DISA HBSS 201 Admin ePO5.1 (2014 Version)

Pull Task

What ePO server task updates ePO distributed repositories from the master repository?

Pull task

How do yo uninstall the HIPS 7.0 client for Windows from a managed system?

Remove the extension from the ePO Server and initiate the McAfee Agent wakeup call.( double check answer)

Which answer lists ALL the layers of protection in the HIPS client?

Signature, behavioral and firewall protection

Which ePO repository provides all updates to the ePO Master repository?

Source

What types of Tags can you create?

Tags without criteria and Criteria-based tags

In which order are HIPS Firewall rules processed to filter incoming packets?

Top to bottom

In the Client Task Catalog you can export all of your client tasks into an XML file that can be imported into another ePolicy Orchestrator Server.

True


Conjuntos de estudio relacionados

CPT-168 - Homework #10 - John Vanassen

View Set

Social Studies Weekly Quarter 3, Week 20

View Set

Chapter 15 - Stockholders Equity

View Set

CRC Foundations - Clinical Research Coordinator (CRC) Responsibilities

View Set