MA0-107 Online Practice Questions and Answers

In which of the following locations are the installation log files stored by default on a Windows machine?

A. %TEMP%\McAfeeLogs

B. %PROGRAMDATA%\McAfee\Logs

C. %USERDATA%\McAfeeLogFiles

D. %PROGRAMFILES%\CommonFiles\McAfeeLogs

An ePO administrator wants to enable script scanning in the environment; however, the administrator wants to exclude several custom scripts from being scanned. Which of the following is the BEST practice for script scan exclusions?

A. Ensure wildcard characters are fully supported.

B. Use fully qualified domain names and NetBIOS names.

C. Include port numbers if they are part of the address.

D. Keep the URL short.

Which of the following server roles has a McAfee-defined policy bundled with the product?

A. Exchange

B. Internet Information Services (IIS)

C. Active Directory

D. SQL

An administrator wants to see more details about recent activity on an endpoint than what is shown in the ENS console. In which of the following locations can the administrator view the log files?

A. %ProgramFiles%\McAfee\Logs

B. %ProgramFiles%\McAfee\Endpoint Security\Logs

C. %ProgramData%\McAfee\Endpoint Security\Logs

D. %ProgramData%\McAfee\Logs

A new ENS policy has been created and deployed, and a user contacts the help desk stating that a particular site is no longer accessible. Which of the following ENS Web Control policy categories is the culprit?

A. Options

B. Content Actions

C. Browser Control

D. Enforcement Messaging

The ePO administrators have already tuned and configured dynamic application containment rules within the policy. In which of the following ways will dynamic application containment protect against malware once enforcement is enabled?

A. The scan engine will learn the behavior of the application and send up to GT1 for analysis, and then receive an action to block all actions from the application's process.

B. If an application's reputation is below the threshold while triggering a block rule and is not an excluded application, malicious behavior of the application will be contained.

C. The ENS client will receive the reputation as "highly suspicious" from either the McAfee GTI or TIE server, and then immediately uninstall the application on the system.

D. The adaptive threat protection scanner will send the file automatically to a preconfigured "Sandbox" folder and analyze the application for malicious features before use.

Exploit prevention content is released

A. once per month.

B. every other week.

C. once per quarter.

D. every two months.

If a TIE server is unavailable and the system is connected to the Internet, which of the following components can the Adaptive Threat Protection leverage for reputation decisions?

A. Event Security Manager

B. Global Threat Intelligence

C. Data Exchange Layer

D. Advanced Threat Defense

On Windows 8 and 10 machines, Windows places a flag in the tile of an app, causing Windows to notify the user of a problem and directing the user to the Windows Store to reinstall. This flag is placed on the tile when the Threat Prevention scanner detects a threat in the path of an installed Windows Store app, and marks the application as:

A. malicious.

B. suspicious.

C. questionable.

D. tampered.

Which of the following describes the difference in functionality between Real Protect cloud-based and Real Protect client-based?

A. The location where the centralized management server and policies are managed

B. The location from which AMCore content updates are pulled before on-demand scans

C. The location where the scanning is conducted on file attributes and behavior

D. The location where malware is quarantined on the managed system