McAfee Intel Security Certified Product Specialist-SIEM - MA0-104 Exam Practice Test
If the SIEM Administrator deploys the Enterprise Security Manager (ESM) using the Federal Information
Processing Standards (FIPS) encryption mode, which of the following types of user authentication will
NOT be compliant with FIPS?
Processing Standards (FIPS) encryption mode, which of the following types of user authentication will
NOT be compliant with FIPS?
Correct Answer: C
When a Correlation Rule successfully triggers, this occurs at the
Correct Answer: A
A security administrator is configuring the Enterprise Security Manager (ESM) to comply with corporate
security policy and wishes to restrict access to the ESM to certain users and machines
Which of the following actions would accomplish this?
security policy and wishes to restrict access to the ESM to certain users and machines
Which of the following actions would accomplish this?
Correct Answer: A
The primary function of the Application Data Monitor (ADM} appliance is to decode traffic at layer
Correct Answer: A
What Firewall component is natively used by the McAfee SIEM appliances to protect the appliances from
unauthorized communications?
unauthorized communications?
Correct Answer: D
The McAfee SIEM solution satisfies which of the following compliance requirements?
Correct Answer: D
If there is no firewall at the border of the network, which of the following could be used to simulate the
protection a firewall provides?
protection a firewall provides?
Correct Answer: D