The McAfee SIEM baselines daily events over
Answer : A
The primary function of the Application Data Monitor (ADM) appliance is to decode traffic at layer
Answer : D
With regard to Data Source configuration and event collection, what does the acronym CEF stand for?
Answer : B
The security analyst notices that there has been a large spike in Secure Shell (SSH) drops in the Network Intrusion Prevention System (NIPS). What other perimeter device will add more insight into what is happening?
Answer : D
The ESM database is unavailable for use during
Answer : D
Zones allow a user to group devices and the events they generate by
Answer : C
A McAfee Event Receiver (ERC) will allow for how many Correlation Data Sources to be configured?
Answer : A
To correlate known vulnerabilities to devices that are currently exposed to such vulnerabilities, which of the following must be selected on the Receiver?
Answer : D
Which of the following operations is NOT an available selection when using Multi-Device Management?
Answer : D
When viewing the Policy Tree, what four columns are displayed within the Rules Display pane?
Answer : A
Which authentication methods can be configured to control alarm management privileges?
Answer : D
What Firewall component is natively used by the McAfee SIEM appliances to protect the appliances from unauthorized communications?
Answer : A
The fundamental purpose of the Receiver Correlation Subsystem (RCS) is
Answer : A
McAfee's SIEM provides awareness of illicit behavior across multiple internal systems via
Answer : C
One or more storage allocations, which together specify a total amount of storage, coupled with a data retention time that specifies the maximum number of days a log is to be stored, is known as a
Answer : B