1. Home
  2. McAfee
  3. MA0-107

McAfee Certified Product Specialist - ENS

Exam Details

  • Exam Code
    :MA0-107
  • Exam Name
    :McAfee Certified Product Specialist - ENS
  • Certification
    :McAfee Certified Product Specialist
  • Vendor
    :McAfee
  • Total Questions
    :70 Q&As
  • Last Updated
    :

McAfee McAfee Certified Product Specialist MA0-107 Questions & Answers

  • Question 1:

    Which of the following describes the difference in functionality between Real Protect cloud-based and Real Protect client-based?

    A. The location where the centralized management server and policies are managed

    B. The location from which AMCore content updates are pulled before on-demand scans

    C. The location where the scanning is conducted on file attributes and behavior

    D. The location where malware is quarantined on the managed system

  • Question 2:

    An engineer needs to allow a specific application to run. The engineer just finished creating an Exploit

    Prevention process exclusion. After applying the exclusion, the engineer notices the application is not

    being run. The following information is provided to the engineer:

    Which of the following is the error with the engineer's exclusion?

    A. A signature ID was not entered.

    B. Exclusions are case sensitive.

    C. A hash was not specified.

    D. Wildcard was not used.

  • Question 3:

    An administrator notices that on one endpoint, Threat Prevention is not currently on the latest version of AMContent. The administrator presses the "Update Now" button within the console, but a message shows the update was unsuccessful.

    Which of the following logs should the administrator look at FIRST to troubleshoot the failure?

    A. EndpointSecurityPlatform_Activity.log

    B. ThreatPrevention_Activity.bg

    C. AccessProtection_Activity.log

    D. PackageManager_Activity.log

  • Question 4:

    Organizational security policy has recently mandated users be made aware of potentially malicious links. Which of the following features of ENS 10.5 can be used to accomplish this task?

    A. Rating Actions

    B. Sensitivity Level

    C. Event Logging

    D. Browser Control

  • Question 5:

    An ENS administrator is configuring on-access protection but finds the trusted backup tool is causing an unneeded performance impact. Which of the following actions should the administrator take?

    A. Endpoint Security Threat Prevention Policy Category / Threat Prevention Policy Category / Access Protection / Exclusion / Exclude the Backup Tool executable

    B. Endpoint Security Threat Prevention Policy Category / Exploit Prevention/Exclusions / Exclude Backup Tool executable

    C. Endpoint Security Threat Prevention Policy Category / On Access scan / Process Settings / Low Risk Processes / Exclude Backup Tool executable

    D. Enable McAfee GTI Feedback under Endpoint Security Threat Prevention Policy Category / Options / Proactive Data Analysis

  • Question 6:

    An ePO administrator is experiencing issues installing an ENS module on a client machine and decides to investigate by analyzing the install log. In which of the following locations will the administrator find the install log, assuming it is in its default location on the endpoint?

    A. %programdata%\mcafee\datreputation\logs

    B. **\program files\mcafee\

    C. %temp%\mcafeelogs

    D. %programdata%\mcafee\Agent\logs

  • Question 7:

    An administrator wants to prevent incoming packets until the system reboots fully. Which of the following features should be configured to allow this?

    A. Treat McAfee GTI Match as an Intrusion

    B. Allow Bridged Traffic

    C. Allow Only Outgoing Traffic Until Firewall Services Have Started

    D. Block All Untrusted Executables

  • Question 8:

    A help desk technician needs to gain admin rights to the ENS local client interface for troubleshooting. Which of the following is a policy setting within the ENS Common Options policy that could be used to temporarily allow admin rights to the local client?

    A. Unlock Client Interface Password

    B. Standard Access

    C. One-time Password

    D. Time-based Password

  • Question 9:

    On Windows 8 and 10 machines, Windows places a flag in the tile of an app, causing Windows to notify the user of a problem and directing the user to the Windows Store to reinstall. This flag is placed on the tile when the Threat Prevention scanner detects a threat in the path of an installed Windows Store app, and marks the application as:

    A. malicious.

    B. suspicious.

    C. questionable.

    D. tampered.

  • Question 10:

    Joe, an administrator, runs a policy-based, on-demand scan on a system and notices that after the scan, a threat event was created for what appears to be a false positive. Joe wants to submit the file for analysis to McAfee Labs; but every time he accesses the file, it is detected.

    In which of the following default locations can Joe find the backups of the detected files?

    A. %ProgramData%\McAfee\Common Framework\AgentEvents

    B. C:\Quarantine

    C. C:\Windows\Temp\Quarantine

    D. %deflogfir%\Quarantine

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only McAfee exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your MA0-107 exam preparations and McAfee certification application, do not hesitate to visit our Vcedump.com to find your solutions here.