MA0-100 practice test - 157 questions
ensure agents receive policies, tasks, and product updates
What are Agent Handlers used for?
McShield.exe
What component is composed of the following high-level scanners; AntiVirus Scanner, Buffer Overflow protection, On-Access Scanner, and Access Protection?
Agent Handler
What component needs to be installed in the DMZ to allow external systems to receive appropriate policies and tasks?
A system that does not have the McAfee Agent installed
What defines a rogue system?
System Information Properties
What detail property includes the local Time Zone of a managed machine?
On-Demand Scan
What feature can monitor battery state and full screen awareness?
Multi-Server Roll-Up Reporting
What feature gathers Managed System and Compliance Information from remote ePO servers and allows reports to be run against the data?
System Tree
What feature provides the capability to group machines logically and, where necessary, set alternative policy and change inheritance settings?
Evtfiltr.ini
What file contains the list of disabled event ids?
web.xml
What file found in the \Program Files\McAfee\ePolicy Orchestrator\Server\conf directory needs to be modified to change the default ePO Console session timeout?
DATs, Potentially Unwanted Programs
What files are automatically downloaded from the McAfee source repositories with a pull task?
Make Public
What function is disabled for the default 'ePO Summary' dashboard?
Inheritance
What important property simplifies policy and task administration?
virtual server IP, virtual server name, virtual server DNS name
What information is required during an ePO clustered installation?
an agent that is reporting to a different ePO server
What is an alien agent?
Microsoft Cluster Server [MSCS]
What is required to run ePO in a high availability environment on two or more servers?
300
What is the Rogue System Detection policy for Sensors detected system cache life time in seconds?
2
What is the default number of sensors that will be active per subnet?
60 seconds
What is the maximum amount of time in seconds that can be configured for ping timeout in the McAfee Agent policy?
999
What is the maximum number of days that can be set in the VirusScan option "number of days to keep back-up data in the quarantine directory"?
query builder
What is the name of ePO's reporting wizard?
ePO Summary
What is the only dashboard that is active by default?
simple
What is used to configure the SQL server to drop the transactionlogs once a checkpoint is complete?:
Server Settings
What location is used to change the default Dashboard for new ePO Console users?
enable on-access scanning when the policy is enforced
What option can be configured in the On-Access General Policy that is not an option in the local VirusScan console?
change free space per page percentage to
What option should be selected in the SQL maintenance plan rebuild index?
a task can be configured with defined criteria
What options are available to the administrator when creating a client task to limit the systems that receive the task?
8081
What port is used to access the McAfee Agent Activity Log from a remote machine?
SPIPE
What protocol is used for secure communication between the McAfee Agent and server?
enable randomization, stop the task if it runs for a specified amount of time, run missed task at a specified time delay
What scheduling options are available when setting up a Product Deployment Task?
Mirror Task
What task can be configured to copy the contents of one distributed repository into another distributed repository which is outside of the normal replication process?
Installation Designer
What utility is used to create a custom VirusScan installation package that contains updated DAT and engine files?
one
When a group has four sorting criterions assigned, the system will be placed into the group when it meets how many of the conditions?:
Not assigned
When a policy is created in the policy catalog the new policy is?
Parent Group
When a policy is deleted, all systems for which it is currently applied to will inherit which policy?
assignment
When a policy is locked, it prevents modification of the?
30 seconds
When an On-Demand Scan starts, the feature takes CPU and IO samples over the first how many seconds?
Agent Server Secure Communication
When backing up an ePO server, which of the following security keys is required to restore agent server communication?
sorting order
When computers check into the System Tree, subgroups are considered for matching criteria according to?
1000
When configuring Product Deployment Client Tasks, the "Enable randomization' setting should be activated when managed client nodes exceed how many?
leave systems in their current system tree location only, add systems to the synchronized group and leave them in the current system tree location, add systems to the synchronized group and mark duplicate entires* [may be something else]
When configuring a Synchronization Type for a group within the System Tree which of the following is a valid choice?
Organizational Units
When configuring the Active Directory settings, exceptions can include which of the following?
apply tag, delete sensor, export to file
When creating a Run Query Server Task, which sub-actions can be selected to allow the system to automatically act upon the results of a query?
1x2, 6x4
When creating a custom dashboard and specifying the size, what is the minimum and maximum layout that can be defined?
Filter
When creating a new query, what is the "function title" used to limit the resulting output?
Admin, System
When creating a permission set, which of the following users are automatically assigned[2]?
XMl
When importing a policy the file type is what?
New Tag
When managing tags what is NOT available in the System Tree?
Tabs
When opening an existing policy, the policy settings are organized across?
Targeted Files
When performing the On-Demand scan, what System utilization settings are affected?
remove the tag on systems that don't match the criteria
When running a "Run Tag Criteria" server task and the box for "reset manually tagged and excluded systems" box is checked, this would?
Order
When the sorting criteria overlaps two groups, the system will sort into the group dependent on?
epocomputerproperties
Where in the ePO database is the ePO Agent gathered system information stored?
Filter Driver
Which VirusScan component intercepts input/output operations called by the OS?
On-Delivery Email Scanner, On-Access Scanner
Which VirusScan components can be configured for the Artemis Heuristics detection?
User Interface
Which VirusScan policy configures the option "allow this system to make remote console connections to other systems"?
Assigned Policies, Policy Catalog, Client Tasks
Which areas of the console allow the resetting of inheritance?
Scan32.exe /UninstallMAS
Which command line option is used to uninstall Anti-Spyware?
Framework Service
Which component controls the scheduled tasks and communicates with the Common Agent?
8444
Which default port is used for Rogue System Detection Sensors for communications to the ePO server?
Sitelist.xml
Which file pulled from the server contains the distributed repository list?
sorting criteria for SUBGROUPS
Which of the following Lost&Found group characteristics can be modified?
Tomcat
Which of the following Server Services is responsible for Automatic Responses?
Share, Duplicate, View
Which of the following are available within the Policy Catalog?
update sensor deployment, product license usage
Which of the following are ePO Server Maintenance tasks?
Agent Wakeup, Product Update, Mirror Repositories
Which of the following are examples of client tasks?
Name, Status
Which of the following are examples of default column headers on the Server Task area of the interface?
click a computer in the System Tree, open a query then click a computer in the reports
Which of the following are methods that can be used to access System Information?
Rolled-up Threat Events, Rolled-up Managed Systems, Rolled-up Applied Policies
Which of the following are result types in the query builder used by Multi-Server Rollup Querying?
Server Task
Which of the following are used to update the master repository on a regular basis?
Assign Policy, Move systems to another group, email file
Which of the following are valid Automatic Query Actions that can be selected from a result of a query?
Agent Language Pack, Extradat
Which of the following are valid deployment package types?
no permissions, create and edit personal queries
Which of the following are valid permissions for query functions?
repository pull, repository replication
Which of the following are valid server tasks for updating the ePO repositories?
Table
Which of the following can NOT be placed into a dashboard?
Purge Event Logs, RollUp Data, Run Tag Criteria
Which of the following can be configured as Server Tasks?
Assign
Which of the following cannot be completed within the Policy Catalog?
/C
Which of the following command line options for the cmdagent.exe will check for new policies and enforces them immediately upon receipt?
Agent IP address, System Tree location, Agent subnet
Which of the following criteria are applicable when configuring Agent Handler assignments?
CSV, XML, HTML
Which of the following formats are available for exporting data?
CSV, PDF
Which of the following formats can query results be exported into?
Event Parser
Which of the following is a core architecture component of ePO?
Group Reviewer
Which of the following is a default permission set?
Mfeavfk.sys
Which of the following is a file system filter driver?
C:\McAfee\software
Which of the following is a valid path for creating a Super Agent repository?
non-complliant computer detected
Which of the following is an available default notification rule?
installed database size + [# clients x client system size] [# events generated x event size]
Which of the following is the best formula to use to calculate the size of the database?
Select Result Type > Configure Chart > Choose Columns > Apply Filter
Which of the following is the correct order for creating a query?
Common Framework
Which of the following is the default location for the McAfee Agent log configuration files?
Duplicate, New Policy
Which of the following is used to create a policy[2]?
Importing AD containers, via a text file, importing AD systems
Which of the following methods can be used to add systems to groups within the system?
Remote Registry Service, File and Printer Sharing, Admin$share
Which of the following needs to be enabled to successfully deploy an Agent from the ePO server?
ports, global updating, email server
Which of the following options are available from the ePO server settings?
Clean, Continue
Which of the following options are available when right-clicking a file and selecting "Scan for threats"?
designate the policy, register the server, schedule a server task
Which of the following options are required to share policies between ePO servers?
Manage Dashboards
Which of the following options is only available on the Dashboards page?
Agent Policy option 'Enable remote access to log' is checked, 'accept connection only from ePO server' is unchecked
Which of the following policy settings would enable an ePO administrator from remotely viewing the Agent Activity Log using a web browser
80, 1433
Which of the following ports need to be open on the fw for an Agent Handler to communicate with ePO and database server[s] inside of a network?
Apache
Which of the following server services is responsible for communication with the McAfee Agent?
LDAP, SNMP
Which of the following servers can be designated as registered?
Framework
Which of the following services is related to Super Agents?
high speed and low latency connection
Which of the following should be the primary consideration when deploying Agent Handlers?
register the remote ePO servers, share the individual policies, configure Server Task
Which of the following steps are needed for Policy Sharing?
total disk space, total physical memory, last communication
Which of the following system properties does the ePO server write to the database?
HTTP, FTP, UNC
Which of the following types of distributed repositories is supported by ePO?
McAfee Agent
Which of the following uses a proprietary SPIPE protocol to encapsulate unsecured HTTP traffic?
check database integrity, rebuild index, back up database
Which options must be selected when creating a maintenance plan for the SQL database?
On-Delivery Email Scan Policies, On-Access General Policies
Which policies can be configured to record the "Session settings" for reporting?
Scanning Engine, Detection definition file, log file names and locations
Which settings are preserved when installing VirusScan on a computer that had a previous version installed?
Registry, Cookies
Which two items are modified in the "Full Scan Task" when installing the Anti-Spyware module?
the Creator
Who are private queries available to?
Global Administrator, Owner
Who can change the ownership of a policy?
no matching criteria were found
Why would a managed system appear in the Lost & Found group?
Apache
Within the Server Services, which component manages events, Group management, Tag management, and Agent sorting?
Covered
A subnet that has a Rogue System Detection Sensor installed is called?
45 days
A system is considered an Inactive Agent by the Rogue System Detection Server if it has not reported within the last how many days?
lower left hand corner of the page
After a query has been completed, additional actions can be taken on the?
Global Administrator
All dashboards, others than the default, are owned by what user?
ASSC
All traffic between Agents and the Handler are signed and verified with what type of key pairs?
sensor is unable to resolve the IP for ePO, deployment of the sensor failed, sensor service is disabled after installation
An RSD Sensor has been deployed from the ePO console. However, it has not reported back. Which of the following is the most likely cause?
Resort system, Move Systems to Another Group
An administrator can configure a query to run a scheduled sub-action to do which of the following?
Frminst.exe /install=agent /siteinfo="C:\Sitelist.xml"
An ePO administrator is trying to update the Sitelist.xml file for an existing McAfee Agent to point to a different ePO server. Which command should be used??
5,000 nodes
An ePO server needs to have a dedicates SQL Server when managing more than how many nodes?
Common Events Format [CEF]
An ePO server uses which format to write to the database tables?
System Properties
Criteria-based tags can be created using what?
.ZIP
Deployment packages that are checked into the ePO server have which of the following file extensions?
.zip
Extensions that are installed into the ePO server are in what file format?
enforce policies, collect and send system properties
Framework Service is responsible for which of the following functions?
Category
How are policy settings grouped within products?
broadcast messages and DHCP responses
How does Rogue System Detection Sensors detect systems on a network?
5000
How many managed machines are required before it is recommended to use a dedicated ePO server?
65535
If a machine is unable to communicate with a repository using the Ping time option, what is the value assigned to that repository in the sitelist.xml file?
McAfee Default
If a policy that is assigned to the "My Organization" group is deleted, what policy is assigned in its place?
270
If it takes 90 seconds to accomplish an on-demand scan with the CPU utilization set at 90%, if the CPU utilization is set for 30% it will take how many seconds?
DAT file version number installation path
If you specify the McAfee Agent Policy to collect only minimal properties, the agent collects only which of the following?
reinstall extensions, restore the database
In a disaster recovery situation, what must be completed to recover the ePO server?
C:\Program Files\McAfee\ePolicy Orchestrator\DB\keystore
In order to protect the ePO keys, which directory on the server is required to be backed up?
Server Settings
In which area of the console is the System Tree Sorting enabled?
80, 443
McAfee ePO server listens on port 8443 for connection to the administrative console. The Apache service port listens in on which of the following default ports?
group1\system1
Of the following, what is a proper syntax for importing computers into groups using a text file?
Global Administrator, Group Admin, Group Reviewer
One or more permission sets can be assigned to any users who are not global admin. Which of the following default permission sets can be assigned to users?
Installing an extension to the ePO server
Policy catalogue pages are added to the ePO server by what function?
Master
Product deployment packages are checked into what repository?
charts, tables
Query results are displayed within ePO in what form?
Internet Explorer, Firefox
Some supported web browsers?
NTDomain, Active Directory
System Tree sync can be configured according to which connectors?
criteria-based tags, creating queries
System properties are directly helpful for when creating which of the following?
resulttype
The first action when creating a query using the Query Wizard is choosing a?
Duplicate
The option available for the McAfee Default Policy is?
full and incremental
The replication types used in updating distributed repositories are:
add the system to the Blacklis
To ensure that a Rogue System Detection Sensor is not installed on a managed system, what action needs to be performed?
Active Directory
To remove computers from ePO using the Active Directory Synchronization task, it is required that the account has access to the?
Registry Blocking
Under the Access Protection policy which of the following is a user-defined Rule?
High
What Artemis sensitivity level is selected to protect systems or areas that are regularly infected?
Medium
What Artemis sensitivity level is selected when the regular risk of exposure to malware is greater than the risk of a false positive?
Tools
What VirusScan menu option is used to unlock the user interface?
Registered Files
What additional scan item is added when the Anti-Spyware module is installed?