MA0-104 Exam Dumps - Intel Security Certified Product Specialist

Question # 4

The security analyst notices that there has been a large spike for Secure Shell

A. McAfee ePolicy Orchestrator (ePO)

B. The core switch

C. The external switch

D. The firewall

Question # 5

An organization notices an increasing number of ESM concurrent connection events. To mitigate risks related to concurrent sessions, which action should the organization take?

A. Increase the concurrent session alarm threshold

B. Decrease the console timeout value

C. Increase the number of the concurrent sessions allowed

D. Customize the login page with the organization's logo

Question # 6

The Database Event Monitor (DEM) appliance prevents disclosure of Personally Identifiable Information (PII) by applying which of the following features to those types of information?

A. Obfuscation masks

B. PII filter masks

C. Sensitive data masks

D. Filter masks

Question # 7

When the automated system backup is configured to include events, flows and log data, the first backup will capture all events, flows and logs

A. in the ESM database.

B. in the ESM database older than what is currently held in the Receivers.

C. inserted in the ESM database on the most recent Receiver poll.

D. in the ESM database from the current day.

Question # 8

A SIEM gives an organization the ability to correlate seemingly disparate streams of traffic into a central console for analysis. This correlation, in many cases, can point out activities that might otherwise go undetected. This type of detection is also known as

A. anomaly based detection

B. behavioral based detection.

C. heuristic based detection.

D. signature based detection
