MA0-107 Online Practice Questions and Answers

By using which of the following techniques does Real Protect scanner inspect suspicious files and activities on an endpoint to detect malicious patterns?

A. Machine learning

B. Intrusion prevention

C. Sandboxing

D. Static code analysis

After installing ENS on a server, the server administrator finds that a specific application runs very slow, yet communication flows are still present. Which of the following remediation steps should the administrator take?

A. Remove an exclusion.

B. Create a whitelist.

C. Create an exclusion.

D. Remove a whitelist.

A user is unable to access a website. The Web Control browser toolbar appears gray. Other websites are accessible. Which of the following features of ENS Web Control has been enabled and is causing the issue?

A. Block links to risky sites in the search results.

B. Block phishing pages for all sites.

C. Block sites that are not verified by GTI.

D. Block sites by default if the McAfee GTI ratings server is not reachable.

The network operations team has configured the company's VPN connector to deny connectivity if virus scan definitions are older than seven days. In order for a user to immediately meet the VPN connector's policy, which of the following should the administrator enable?

A. Managed custom tasks

B. "Update now" button

C. Default client update task schedule

D. Proxy server

A user goes to four different websites, each with a different rating. One of the four sites is blocked and unable to be accessed. Using default configuration to determine the rating, which of the following ratings does this site have?

A. Gray

B. Red

C. Yellow

D. Green

Which of the following groups of legacy products can be migrated to ENS 10.5?

A. VirusScan Enterprise, Host Intrusion Prevention, and SiteAdvisor Enterprise

B. Host Intrusion Prevention, SiteAdvisor Enterprise, and Data Loss Prevention

C. VirusScan Enterprise, Host Intrusion Prevention, and Data Loss Prevention

D. Host Intrusion Prevention, SiteAdvisor Enterprise, and Application Control

A security technician is configuring the exploit prevention policy. Based on best practices for critical servers, which of the following severity levels should the technician configure signatures to block after a requisite period of tuning?

A. Low

B. High

C. Informational

D. Medium

A security professional is configuring ENS for a client and wants to ensure applications will be prevented from executing software locally from the browser or email client. Which of the following McAfee-defined rules should be implemented?

A. Creating new executable files in the Windows folder

B. Installing browser helper objects or shell extensions

C. Registering programs to autorun

D. Running files from common user folders by common programs

Dynamic Application Containment uses which of the following attributes of an executable to provide advanced protection?

A. File behavior

B. File name

C. File size

D. File source

An engineer needs to allow a specific application to run. The engineer just finished creating an Exploit

Prevention process exclusion. After applying the exclusion, the engineer notices the application is not

being run. The following information is provided to the engineer:

Which of the following is the error with the engineer's exclusion?

A. A signature ID was not entered.

B. Exclusions are case sensitive.

C. A hash was not specified.

D. Wildcard was not used.