ePO Certification, ePO 5.9 Essentials questions
When are policy catalog pages added?
When installing a product extension
If a group has multiple sorting criteria assigned, when will a system be placed in that group?
When it matches at least one of the sorting criteria
John wants to import a server task from an ePO server on the same network but is located in a remote office. What type of file extension would he need from the other ePO server to successfully import that server task into his ePO server?
XML
Where are the main McAfee Agent 5.x log files for general activity and point product communication located locally on an endpoint?
\Program Data\McAfee\Agent\logs
When creating a new Product Deployment, systems can be selected for software deployment based on Tags for which type of deployment?
continuous
Customers can use the _____________________________ to help customize the navigation menu bar for quick access to the features and functionality used most in their environment
drag and drop functionality
You want to remove a feature item from the navigation menu bar in ePO console - what can you do to accomplish this:
drag and drop items off the menu bar
If you are looking to get data on malware detections in your environment - default dashboard that provides this type of info?
ePO Summary, Executive Dashboard
Which dashboard is active by default?
ePO summary
If Global Updating is enabled in your environment, what package types are available for selection to trigger this feature?
engines, patches, signatures, and service packs
What is the basic functionality of the McAfee Agent?
installs products and upgrades, gathers local info to send to ePO, enforces ePO policies and tasks locally
What does ePO allow you to do in your environment?
manage host & network security products, deploy security products, update DAT and Engine files
Ron is receiving the "error comparing selected policies..." message when attempting to compare policies from Policy History. What is the cause for this issue?
only 1 policy is selected for comparison
James is trying to enter "McAfee1" as his keystore encryption passphrase but is getting an error. Why is he receiving an error?
passphrase must be at least 8 characters
John wants to install ePO 5.9 on his server and already has SQL installed in his environment. What next:
run pre-installation auditor
If Tom were to edit the "disaster recovery snapshot server" task, what is identified as the action to take for this task?
snapshot server command
How many nodes are required to have a dedicated ePO server?
(Pat's notes say 5,000, but the McAfee software installation guide says 250)
What is the command line option for cmdagent.exe that checks/enforces policies upon receipt?
/c
Someone wants to use SQL Express to manage the ePO database while managing over 200K endpoints in ePO. What main limitation of SQL Express should he be aware of prior to installation for the size of his environment?
10 GB of maximum storage space
If Tom is installing ePO for the first time, which of the following is identified in the installation as the default port used to connect SQL to the ePO server
1433
What is the default number of sensors (remote system detection?) active per subnet?
2
ePO server needs a dedicated SQL server when handling how many nodes?
5,000 nodes
What is the max ping timeout in agent policy?
60 seconds
For ePO to perform at the highest capacity, customers must ensure the server that ePO will be installed on has a minimum _________
8 GB of RAM
What are the Agent Handler ports on a firewall?
80 & 1433
Which ports does the Apache server listen on?
80 & 443
Which port is used to view the agent log remotely?
8081
To remove computers from ePO using an AD sync task, what does your account need to have access to?
Active Directory
How can you prevent a RSD sensor from installing on a managed system?
Add system to blacklist
To edit permission sets on the ePO server, which account type is required?
Administrator
What is an alien agent?
An agent that is reporting to a different ePO server
What is the server service that handles events, groups, tags, and agents?
Apache
Which of the following services accepts events from the client system and places these into the Events folder so the Event Parser service can eventually grab them
Apache
Which server service is responsible for communication with agents?
Apache
When creating a Run Query server task, what sub actions can be selected to automatically act upon the results?
Apply tag, Delete sensor, Export to file
What are the available automatic query actions?
Assign policy, Move systems, Email file
What areas on the ePO console can be used to reset inheritance?
Assigned Policies, Policy Catalog, Client Tasks
What action is prevented by locking a policy?
Assigning
What action cannot be completed in Policy Catalog?
Assigning a policy
Identify and review all permissions related activities in ePO - where do you go to get this info?
Audit Log
After a query is run, where are the available actions located?
Bottom left hand corner of the screen
If you want to export off a report in ePO - which of the following formats are available for report?
CSV, XML, HTML, PDF
What are query results shown as?
Charts & Tables
What should be the maintenance plan for the SQL database?
Check, Rebuild, and Backup
When right-clicking and "scanning" a file, what are the two options?
Clean & Continue
What is used to create, assign, and schedule tasks for endpoints?
Client Task Catalog
What format does the ePO server use to write to database tables?
Common Events Format (CEF)
Where would you go to enable authentication into ePO via certificates?
Configuration > Server Settings
If you use Automatic Responses in ePO to alert / notify you via email on security events that get triggered, best to configure a _____________________ for enabling the response
Contact
When a subnet has RSD installed, what is it referred to as?
Covered
What does the McAfee agent policy, "minimal properties", include?
DAT version, Installation path
What are the two options for creating a new policy?
Duplicate & New
When does the On-Demand scan take CPU & IO samples?
During the first 30 seconds
Installed ePO in environment and connected to existing in-house SQL 2012 server for db: "Status" display for Disaster Recovery Snapshot Server task first time viewing?
Enabled
What is Framework service responsible for?
Enforce policy, Collect and send props
What is the Agent Handler used for?
Ensuring agents receive pushes
Which file contains a list of disabled event IDs?
Evtfltr.ini
Permission sets provided by default for basic functionality?
Executive reviewer, global reviewer, group admin, group reviewer
What are the valid deployment package types?
Extra DAT, Language pack
What is the function used to limit a query's resulting output?
Filter
Which component controls scheduled tasks and communicates with agents?
Framework service
Which service is related to Super Agents?
Framework service
What automates replication to distributed repositories to help keep managed endpoints current?
Global Updating
What is the default permission set?
Group reviewer
James has just installed ePO 5.x on his server. Now he will use _________________________
Guided Configuration
Need assistance in understanding what some of the available selection items on the System Tree are used for - what can he access to get more details from the product guide for items displayed on this page
Help button
What is the Artemis Sensitivity level selected for regularly infected systems?
High
Which methods can be used to add systems to groups within the System Tree?
Importing AD containers, Using text file, Importing NT systems
Which utility is used to create a Virus Scan installation package containing a DAT?
Installation designer
What are the (AD?) sync type options?
Leave systems in current group only; Add systems to Sync and leave in current group; Move systems from current group to Sync
Which function is disabled for the ePO summary dashboard?
Make public
Client-side component that provides communication between endpoint and ePO
McAfee Agent
Know various ways to populate endpoints into System Tree on ePO server:
McAfee Agent Deployment Task, Import systems from a text file, AD synchronization
If a policy is deleted from the "My Organization" group, what policy gets assigned?
McAfee Default
What is the server integration platform that ePO is based on, where point product extensions for ePO are built
McAfee Foundation Services
Makes available integration with 3rd party vendor software
McAfee Security Innovation Alliance
What is the Artemis Sensitivity level when the regular risk of exposure is greater than risk of false positive?
Medium
What are the default column headers in Server Tasks?
Name & Status
When managing tags in System Tree, what is not available?
New tag (in tag catalog)
Why does a managed system appear in Lost & Found?
No matching criteria were found
When configuring AD, what can be added as exceptions?
Organizational units
Where do you go in ePO to change the ePO logon password?
Personal Settings
Where would you go to manage priority as to when a policy assignment rule is triggered?
Policy > Policy Assignment Rules > Actions [dropdown] > Edit Priority
Where do you go to review any changes made to a product policy in your environment?
Policy > Policy History
Configures security policies deployed to endpoint
Policy Catalog
When comparing policy changes made for two policies in ePO, what would you select to see only values that changed between these policies?
Policy Comparison > Show Only Differences
Which of the following does the Guided Configuration dashboard help walk you through when utilizing it?
Policy Configuration, Software Selection, Software Deployment, Software Updating
What options are available in the ePO Server Settings?
Ports, Global Updating, Email Server
When running Pre-Installation Auditor prior to an upgrade to ePO 5.9.0, a ________________________________ button is available to review a list of customer specific products installed in the previous version that are blocked and no longer available or will be disabled in ePO 5.9.0 after the upgrade completes.
Product Compatibility Check
The ____________________________ option can be used to setup a continuous fixed way of installing software out to endpoints automatically as they are added to a managed group
Product Deployment
What are the valid server tasks for updating ePO repositories?
Pull & Replicate
If an update is available for product software and/or extension that is checked into ePO already, what color is the most recent available version displayed in?
Red
To ensure you have the most up-to-date list of products available for your account, click the __________________ button in Software Manager
Refresh
Where do you go in ePO to add a syslog server?
Registered Servers
Where do you go in ePO to add an active directory server?
Registered Servers
You can add a connection to an AD server in ePO by creating a new server entry under
Registered Servers
Which two items are modified in the "Full Scan Task" when installing the Anti-Spyware module?
Registry & Cookies
If unhappy with a specific policy change in ePO, click the ___________________________________ option under the Actions dropdown in Policy History for the specific version you want to go back to
Revert to Selected Policy
What is the protocol used for secure communication between agents and the ePO server?
SPIPE
What service should you verify is running to ensure the db properties populate automatically during the ePO installation
SQL server browser service
What VirusScan settings are preserved when installed over previous version?
Scanning engine, Detection definition, Logs
Where can you change the default dashboard?
Server Settings
Where do you go in ePO to change the time zone?
Server Settings
Where do you go in ePO to change the default server ports?
Server Settings
Where do you go in ePO to change the ePO license key?
Server Settings
Where are the system tree sorting options located?
Server settings
What is used to update the master repository on a regular basis?
Server task
What options are available within the policy catalog?
Share, duplicate, view
Queries and reports added under _________________________ groups can be viewed by any user with access to public queries and reports
Shared
Check in all licensed product extensions and software automatically without having to manually pull these down from McAfee downloads site - feature in ePO available to assist him with this?
Software Manager
Interface to review and acquire McAfee software
Software Manager
Which Lost & Found group characteristic can be modified?
Sorting criteria for subgroups
When creating a permission set, which two users are added by default?
System Admin
What property includes the local time zone of a managed machine?
System Information Properties
Graphical view of the managed network
System Tree
If you want to place systems into a specific group based on tagging, where would you configure in System Tree?
System Tree > Group Details > Sorting Criteria
When using AD - want to set up System Tree structure to look like the mapped AD structure - go to:
System Tree > Group Details > Synchronization type
Rule types you can create a policy assignment rule based on?
System, User
If John needs to place a system into a new group or container from a previous one, where would he go to do this in System Tree?
Systems > Actions > Directory Management > Move Systems
Utilize sorting to move some systems into some predefined groups but wants to confirm they will move into correct groups - go to test that these systems move into desired group in System Tree:
Systems > select all Systems > Actions > Directory Management > Test Sort
__________________________ help customers to identify and sort systems as well as simplify the creation of tasks and queries in their environment
Tags
What does an On-Demand scan affect?
Targeted files
Who are private queries available to?
The creator of the query
When is Enable Randomization activated?
The number of managed nodes exceeds 1,000
What options are available in ePO when creating a client task?
The task can be configured with defined criteria
What is the purpose of deploying Agent Handlers?
To allow for higher speed/lower latency
Which server service is responsible for handling automatic responses?
Tomcat
What VirusScan menu option is used to unlock the user interface?
Tools
Which system properties does ePO write to the database?
Total disk space, Total physical memory, Last communication
RSD sensor has been deployed, but has not reported back. Why could this be?
Unable to resolve IP, Deployment failed, Sensor service disabled after install
Default server task to configure and run regularly in conjunction with Global Updating being enabled to ensure endpoints stay up to date with latest DATs and engines?
Update Master Repository
What are the ePO server maintenance tasks?
Update server deployment, Product license usage
Which VirusScan policy can be used to allow remote console connections?
User Interface
John doesn't have the option to create new query in ePO - where would the Admin need to go to change access level to create a new query?
User Management > Permission Sets > [john's permission set] > queries and reports
Where do you enable a new user account to sign into ePO console?
User Management > Users > User Account > Logon Status
View Audit Log in ePO - want to purge all entries displayed. Purge button not displaying. Where in ePO to allow to purge entries?
User Mgmt > Permission Sets > John's permission set > Audit Log
If you select option "remote users use the cert to log on" in cert-based authentication and remote user doesn't have a cert, what happens?
User will not be able to log on