mcafee ma0-107 practice test

Organizational security policy has recently mandated users be made aware of potentially malicious
links. Which of the following features of ENS 10.5 can be used to accomplish this task?

• A. Rating Actions
• B. Sensitivity Level
• C. Event Logging
• D. Browser Control

An administrator wants to see more details about recent activity on an endpoint than what is shown
in the ENS console. In which of the following locations can the administrator view the log files?

• A. %ProgramFiles%\McAfee\Logs
• B. %ProgramFiles%\McAfee\Endpoint Security\Logs
• C. %ProgramData%\McAfee\Endpoint Security\Logs
• D. %ProgramData%\McAfee\Logs

An administrator wants to add executables that are monitored with the Exploit Prevention engine. To
which of the following policy sections should the executables be added?

• A. Generic privilege escalation prevention
• B. Exclusions
• C. Signatures
• D. Application protection rules

A user navigates to a new website that has not been rated by ENS Web Control yet. In which of the
following ways will ENS Web Control handle this request by default?

• A. Delete
• B. Block
• C. Allow
• D. Warn

An ePO administrator is experiencing issues installing an ENS module on a client machine and
decides to investigate by analyzing the install log. In which of the following locations will the
administrator find the install log, assuming it is in its default location on the endpoint?

• A. %programdata%\mcafee\datreputation\logs
• B. **\program files\mcafee\
• C. %temp%\mcafeelogs
• D. %programdata%\mcafee\Agent\logs

A security technician is configuring the exploit prevention policy. Based on best practices for critical
servers, which of the following severity levels should the technician configure signatures to block
after a requisite period of tuning?

• A. Low
• B. High
• C. Informational
• D. Medium

In Web Control, "Enable Web Category blocking of restricted content" is enforced. Which of the
following describes the result if a user enters a restricted site?

• A. The color is gray, and access is denied.
• B. The pop-up color is red, and access is denied.
• C. The color is orange, and access is denied.
• D. The pop-up color is blue, and access denied.

An administrator wants to allow remote users the ability to access the Internet from unsecure WiFi
access points to connect to the VPN. Which of the following ENS 10.5 features should the
administrator use to accomplish this?

• A. Trusted Networks
• B. Location-based Groups
• C. Timed Groups
• D. Connection Isolation Groups

When creating an exploit prevention process exclusion, at least one identifier must be specified.
Which of the following is an identifier?

• A. DEP
• B. MD5 hash
• C. API
• D. Caller module

Security operations has recently received indicators of compromise (IOCs) detailing a new piece of
malware for which coverage is not available. The threat advisory recommends a list of file paths and
registry keys to prevent this new malware from successfully executing. Which of the following ENS
10.5 features should be used to achieve this goal?

• A. Web Control
• B. Exploit Prevention
• C. Real Protect
• D. Access Protection