“McAfeeCertified ProductSpecialistMcAfee Endpoint Security (ENS) Certification Candidate Guide” Exam MA0-107. Here you can get the latest free McAfee MA0-107 exam exercise questions and answers for free and easily improve your skills!
MA0-107 exam: The McAfee Certified Product Specialist certifications are designed for candidates who administer a specific McAfee product
or suite of products, and have one to three years of experience with that product or product suite. This certification
level allows candidates to demonstrate knowledge in these key product areas:
Basic architecture – Installation – Configuration – Management – Troubleshooting. Follow the link to find more information about https://www.leads4pass.com/ma0-107.html exam.
Table of Contents:
- Latest McAfee MA0-107 pdf
- Test your McAfee MA0-107 exam level
- Related MA0-107 Popular Exam resources
- Get leads4pass Coupons (12% OFF)
- What are the advantages of leads4pass?
Latest McAfee MA0-107 pdf
[PDF] Free McAfee MA0-107 pdf dumps download from Google Drive: https://drive.google.com/open?id=1sOrkYpxuYqT3sIm2ZU7qt7XeA2MNhhw1
McAfee Endpoint Security Certification Guide:https://www.mcafee.com/enterprise/en-us/assets/guides/gd-ens-certified-product-specialist.pdf
Free McAfee MA0-107 Exam Practice Questions
QUESTION 1
A security technician is configuring the exploit prevention policy. Based on best practices for critical servers, which of
the following severity levels should the technician configure signatures to block after a requisite period of tuning?
A. Low
B. High
C. Informational
D. Medium
Correct Answer: B
QUESTION 2
Which of the following groups of legacy products can be migrated to ENS 10.5?
A. VirusScan Enterprise, Host Intrusion Prevention, and SiteAdvisor Enterprise
B. Host Intrusion Prevention, SiteAdvisor Enterprise, and Data Loss Prevention
C. VirusScan Enterprise, Host Intrusion Prevention, and Data Loss Prevention
D. Host Intrusion Prevention, SiteAdvisor Enterprise, and Application Control
Correct Answer: C
QUESTION 3
A user navigates to a website and notices a small blue square around an “M” in the upper-right corner of the Chrome
browser. Which of the following does the blue color indicate within the toolbar?
A. It is an internal website.
B. Web Control is disabled.
C. No rating is available.
D. It is a phishing website.
Correct Answer: C
QUESTION 4
A user is reporting a functional issue with the ENS client. Which of the following logs should be checked?
A. ExploitPrevention_Debug.log
B. OnDemandScan_Debug.log
C. EndpointSecurityPlatform_Errors.log
D. AdaptiveThreatProtection_Debug.log
Correct Answer: C
QUESTION 5
In which of the following ways does Dynamic App Containment protect against malware?
A. It checks for spyware, unwanted programs, and viruses based on known patterns.
B. It monitors communication between the computer and the network.
C. It detects malicious files and activities using machine-learning techniques.
D. It limits the actions unknown applications can take on the end system.
Correct Answer: C
QUESTION 6
An ePO administrator needs to add exclusions for a folder. The folder has been created in several locations, including
C:\Program Files\Custom\Acme or C:\Program Files\Acme, but the folder could be located in other subfolders in the
Program Files folder.
Which of the following is the correct way to write an exclusion for the Acme folder?
A. \Program Files\?\Acme
B. \Program Files\**\Acme
C. \Program Files\*\Acme
D. \Program Files\??\Acme
Correct Answer: C
QUESTION 7
The ePO administrators have already tuned and configured dynamic application containment rules within the policy. In
which of the following ways will dynamic application containment protect against malware once enforcement is
enabled?
A. The scan engine will learn the behavior of the application and send up to GT1 for analysis, and then receive an action
to block all actions from the application\\’s process.
B. If an application\\’s reputation is below the threshold while triggering a block rule and is not an excluded application,
malicious behavior of the application will be contained.
C. The ENS client will receive the reputation as “highly suspicious” from either the McAfee GTI or TIE server, and then
immediately uninstall the application on the system.
D. The adaptive threat protection scanner will send the file automatically to a preconfigured “Sandbox” folder and
analyze the application for malicious features before use.
Correct Answer: B
QUESTION 8
The organization\\’s desktop engineering team wants to include ENS 10 within their desktop imaging process. They
would like to install all modules silently. Which of the following is the correct command-line syntax to accomplish this
task?
A. setupEP.exe ADDLOCAL=”all” /qb!
B. setupEP.exe ADDLOCAL=”all” /qn
C. setupEP.exe ADDLOCAL=”fw,tp,wc” /qb!
D. setupEP.exe ADDLOCAL=”fw,tp,wc” /qn
Correct Answer: C
QUESTION 9
The security team wants to schedule an on-demand scan to run at noon every day for all workstations. However, the
team would like to ensure system performance is not impacted because users may be working. Which of the following is
a system utilization setting that meets this criteria?
A. Below normal
B. Low
C. Scan only when the system is idle
D. Normal
Correct Answer: D
QUESTION 10
An engineer needs to allow a specific application to run. The engineer just finished creating an Exploit Prevention
process exclusion. After applying the exclusion, the engineer notices the application is not being run. The following
information
is provided to the engineer:
Which of the following is the error with the engineer\\’s exclusion?
A. A signature ID was not entered.
B. Exclusions are case sensitive.
C. A hash was not specified.
D. Wildcard was not used.
Correct Answer: B
QUESTION 11
An ePO administrator decides to define a trusted network in the firewall policy. This will result in:
A. an inbound directional allow rule for that remote network.
B. an outbound directional allow rule for that remote network.
C. a bidirectional allow rule for that remote network.
D. a bidirectional deny rule for that remote network.
Correct Answer: A
QUESTION 12
In which of the following ways would ATP determine the reputation information if Adaptive Threat Protection (ATP) is
deployed and neither a TIE server nor an Internet connection is available?
A. ATP will use information from the local system.
B. ATP will query other systems in the environment.
C. ATP will do nothing and auto-disable itself.
D. ATP will prompt the user for manual input.
Correct Answer: B
QUESTION 13
Which of the following is the MAIN benefit of using Threat Intelligence Exchange (TIE) and Data Exchange Layer
(DXL)?
A. They enable centralized management of adaptive-threat-protection policies.
B. They store and pass file reputation to managed endpoints and McAfee products.
C. They distribute signature-based content to managed systems.
D. They conduct scanning of files on managed systems for threats.
Correct Answer: B
Related MA0-107 Popular Exam resources
title | youtube | McAfee | leads4pass | leads4pass Total Questions | |
---|---|---|---|---|---|
McAfee | leads4pass MA0-107 dumps pdf | leads4pass MA0-107 youtube | McAfee Endpoint Security Certification Guide | https://www.leads4pass.com/ma0-107.html | 70 Q&A |
Get leads4pass Coupons(12% OFF)
What are the advantages of leads4pass?
leads4pass employs the most authoritative exam specialists from Cisco, McAfee, CompTIA, IBM, Microsoft, etc. We update exam data throughout the year. Highest pass rate! We have a large user base. We are an industry leader! Choose leads4pass to pass the exam with ease!
Summarize:
It’s not easy to pass the McAfee MA0-107 exam, but with accurate learning materials and proper practice, you can crack the exam with excellent results. leads4pass provides you with the most relevant learning materials that you can use to help you prepare.