DISA HBSS 201 Admin ePO5.1 (2016)

What is the default password for unlocking the client user interface when troubleshooting the McAfee HIPS client?

abcde12345

How do you uninstall the HIPS client for Windows from a managed system?

-Configure the IPS Options policy to disable IPS; Configure the McAfee Agent deployment task to remove the HIPS client. - Testing.

Prior to imaging the system, which line of the registry entry for the McAfee Agent should be deleted?

-HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\ePO\Agent\EpoGUID - testing

To manually move a system from one group to another, you do which two things with the system to move it to the other group?

A. Drag and drop - testing

Which statement is true concerning the ePO console?

A. It is web based and designed completely in HTML and JavaScript. - testing

Which ePO user listed below can create and edit tags in ePO?

Administrator

If a connection is in the state table, what action will occur with future traffic for that connection?

Allow

Select the ePolicy Orchestrator component that provides the UI of the System tree, sorting of nodes, tags and policies.

Apache

Select the ePolicy Orchestrator component that caches policies to reduce database reads and speed up ASCI time.

B. Apache

The Client Task Catalog allows you to create which of the following?

B. Client task objects - testing

Each Firewall Rule provides a set of conditions that which of the following has to meet?

B. Computers - testing

Which of the following is a valid statement regarding the task of managing policies in ePO?

B. When you assign a new policy to a particular group of the Directory, then all systems under that group with inheritance intact will inherit the new policy. - testing

To verify that the IP address sorting criteria have not been configured to overlap between different groups, you can use which of the following options?

C. Check IP Groups - testing

Which of the following is not a protection level defined in the IPS Protection Policy?

C. Log - testing

Which statement best defines Application Shielding in HIPS?

D. Applications can only hook to the processes that match the digital signature imported into HIPS. - testing

Which IPS policy determines what options are available to a client computer with a HIPS client, including whether or not the client icon appears in the system tray, types of intrusion alerts, and password to allow access to the client user interface?

D. Client UI - testing

From this list select the format that you cannot export your query results to.

DOC - testing

What can be created to prevent interpreting a normal behavior as an attack?

Exception

Which of the following can be created to prevent interpreting a normal behavior as an attack?

Exception

What are the four main types of Permission Sets in ePO?

Executive Reviewer; Global Reviewer; Group Admin; Group Reviewer

What column is not displayed in the Audit Log?

Failure

Which executable runs the main HIPS service?

Firesvc.exe

Communication between Tomcat and the web browser accessing the ePO console is accomplished using what traffic through which port?

HTTPS. 8005 - Testing

What are the four severity levels of signature in HIPS?

High, Medium, Low, Informational

Assume three IPS policies are applied to a node: 1 default and 2 custom. The default severity level is set to HIGH, 1 custom severity level is set to LOW, and the other custom is set to MEDIUM. What is the effective severity level outcome for the applied policy?

Low Med Least Restrictive - testing

Which ePO component gathers the events from the managed systems and communicates them to the ePO server?

McAfee Agent

Which ePO core component enforces the policies on the systems?

McAfee Agent

Public Queries exist in which of the following lists?

My Groups

Which is not a type of IPS Signature?

Network Signatures

DISA HBSS 201 Admin ePO5.1 (2016 Version)

Pull Task

What ePO server task updates ePO distributed repositories from the master repository?

Pull task

How do you uninstall the HIPS 7.0 client for Windows from a managed system?

Remove the extension from the ePO Server and initiate the McAfee Agent wakeup call. (double check answer)

Which answer lists ALL the layers of protection in the HIPS client?

Signature, behavioral and firewall protection

Which ePO repository provides all updates to the ePO Master repository?

Source

The Agent to Server Communication for the McAfee Agent is encrypted using which of the following?

TLS

What types of Tags can you create?

Tags without criteria and Criteria-based tags

In which order are HIPS Firewall rules processed to filter incoming packets?

Top to bottom

In the Client Task Catalog you can export all of your client tasks into an XML file that can be imported into another ePolicy Orchestrator Server.

True
