HBSS 501 Test Questions & Answers
CND Services include Prepare; Protect and ____________ - ✔✔Respond
What action should be taken if an event is found to be a false positive? - ✔✔Start the tuning process
Which product is responsible for collecting endpoint properties and policy enforcement? - ✔✔McAfee Agent
What is the correct order for prioritizing events? - ✔✔Severity; Action Taken; Volume
An admin creates ___________ to manage the software installed on the endpoint. - ✔✔Policies
Which HIPS label shows the friendly name of a HIPS event? - ✔✔Signature Name (Host IPS)
Which of the following is not true about ArcSight and situational awareness? - ✔✔Prevention
In order to manage an endpoint; ___________ must be installed. - ✔✔McAfee Agent
A dashboard is a collection of __________ shown together in the same location. - ✔✔Monitors
Which VSE label shows the friendly name of a VSE event? - ✔✔Threat Name
Which feature do HIPS and VSE both have in common but is disabled on one when both are installed on the same endpoint? - ✔✔Buffer Overflow Protection
Which query filter label helps group similar data for VSE? - ✔✔Threat Type
As an Analyst; your duty includes reviewing all the data collected by the ePO server. - ✔✔False
Which of the following is a valid query output? - ✔✔All of the above
__________ queries are created specifically to gather HBSS related compliance data. - ✔✔Enhanced Reporting
Which of the following VSE events should get the highest priority? - ✔✔Virus detected and not cleaned
In which query builder menu do you select the data source; i.e. Managed Systems or Threat Events? - ✔✔Result Type
You can import a query that was created on a different ePO server. - ✔✔True
In which of the following are process improvement and recommendations made? - ✔✔Prepare
Which label identifies the managed product by friendly name? - ✔✔Detecting Product Name
HIPS 8 does not have the following feature: - ✔✔Application Blocking
Which chart type is useful to display trending data? - ✔✔Line
Which query menu is where you configure the data that is displayed in the drill down table? - ✔✔Chart Type
Which is NOT a valid HIPS severity? - ✔✔Alert
The HBSS Analyst works with both the IAM/IAO and the HBSS Administrator. - ✔✔True
As a CND Analyst; you do not need to know about new threats. - ✔✔False
Which of the following applications does not send data to the threat event log? - ✔✔RSD
What is the correct order for the HBSS Event Response Process? - ✔✔Detect; Triage; Respond
In which Event Response Process do you determine the severity and the fix for a threat event? - ✔✔Triage
An Incident is an assessed occurrence that actually or potentially jeopardizes the confidentiality; integrity; or availability of an information system. - ✔✔True
The ________ is where ePO server related events are stored. - ✔✔Threat Event Log
This McAfee Product helps prevent data loss by restricting the devices that can be plugged into the endpoint. - ✔✔McAfee DLP
__________ is a key field in RSD that can help detect potential cross domain violations. - ✔✔MAC Address
ACCM collects installed software information from a system. - ✔✔False
_________ are premade benchmarks that can be imported into ePO to be used with Policy Auditor. - ✔✔SCAP