MA0-103 Online Practice Questions and Answers

Which of the following protocols cannot be blocked or monitored by McAfee DLP 'Network Communication Protection Rules'?

A. Secure FTP (SFTP)

B. Secure Copy (SCP)

C. Server Message Block/NetBIOS (SMB)

D. Secure Shell (SSH)

When detected, which of the following must be categorized with the highest severity?

A. User makes a purchase online with personal credit cards

B. User emails a copy of a spreadsheet with credit card numbers of all customers to personal email to continue work from home

C. User copies a spreadsheet with credit card numbers of all customers to an encrypted device to continue work from home

D. User files an online form and includes their own personally identifiable information

Which of the following McAfee tools are useful to collect McAfee product data from a computer so that the problem can be analyzed and resolved by McAfee Technical Support?

A. ePO-MVT (McAfee Virtual Technician)

B. Minimum Escalation Requirements (MER) tools

C. McAfee Profiler

D. extra DAT

Which Corporate Security Policy affects the Evidence Share and ePO Database size and growth?

A. Acceptable Use Policy

B. Access Control Policy

C. Data Retention Policy

D. Risk Management Framework

What rule is used to block transfer of protected files sent via Google Chrome Browser?

A. Application Based Tagging Rule

B. Network Communication Protection Rule

C. File System Protection Rule

D. Web Post Protection Rule

An executive sends merger documents to legal counsel. Policy dictates the documents should be encrypted, but they are being sent in plain text. What is the appropriate action to configure in such a case using DLPe protection rules?

A. Monitor the activity using a File System Protection Rule, store the evidence and notify the user.

B. Verify the violation and send an alert to the administrator.

C. An Email Protection Rule should be used to block the email unless the documents are encrypted.

D. Do nothing.

An employee attempts to upload company data in violation of corporate security policy using a secure HTTPS connection. The DLPe Administrator has configured rules with a blocking reaction and Content Classification. Can the data be prevented from being uploaded over HTTPS?

A. No, location Based Tagging Rules need to be configured

B. No, content posted over HTTPS cannot be inspected

C. Yes, a protection rule with a block reaction has been configured

D. Yes, Content Classification has occurred

How long must the operational events be stored in the ePO database before purging?

A. As defined by the Acceptable Use Policy

B. As defined by the Risk Management Framework

C. As defined by the Auditor

D. As defined by the Data Retention Policy

Which of the following is critical for troubleshooting system health?

A. System log

B. Administrator log

C. Agent log

D. Policy analyzer

Which of the following must be restarted after upgrading the ePO extensions for DLPe?

A. McAfee Framework Service

B. ePO Event Parser

C. ePO Application Server

D. ePO Server Service