MA0-107 Sample Questions Answers

A hospital in another county just received a new variant of ransomware that infected 70% of its systems. After learning the characteristics of this ransomware, the security team wants to implement a protection policy to stop certain files from being modified and new registry keys from being created that are relevant to the ransomware. Which of the following policies meets this requirement?

In Web Control, "Enable Web Category blocking of restricted content" is enforced. Which of the following describes the result if a user enters a restricted site?

By default, an individual file is flushed from the Adaptive Threat Protection local reputation cache every:

A user navigates to a website and notices a small blue square around an "M" in the upper-right corner of the Chrome browser. Which of the following does the blue color indicate within the toolbar?

An ePO administrator is experiencing issues installing an ENS module on a client machine and decides to investigate by analyzing the install log. In which of the following locations will the administrator find the install log, assuming it is in its default location on the endpoint?

Dynamic Application Containment uses which of the following attributes of an executable to provide advanced protection?

For which of the following reasons does ENS 10 store two previous versions of AMCore content?

An IT department is looking for a way to optimize performance with on-access scanning. To maximize security and minimize the impact on the system, on-access scanning should be configured to scan files at which of the following frequencies?

An ENS administrator wants the end user to be able to view the web safety information. In addition to enabling Web Control, which of the following describes the requirements for this?

Which of the following is the MAIN benefit of using Threat Intelligence Exchange (TIE) and Data Exchange Layer (DXL)?

The security team has requested that adaptive threat protection be integrated with a TIE server. Which of the following is required?

A company's security posture requires the ENS firewall to be enabled; however, the team is unsure of communication flows in the environment. In which of the following modes should the ePO administrator deploy the firewall policy to achieve flow awareness?

An ePO administrator needs to add exclusions for a folder. The folder has been created in several locations, including C:\Program Files\Custom\Acme or C:\Program Files\Acme, but the folder could be located in other subfolders in the Program Files folder. Which of the following is the correct way to write an exclusion for the Acme folder?

Organizational security policy requires a host-based firewall on endpoints. Some endpoints have applications where documentation depicting network traffic flows is not readily available. Which of the following ENS 10.5 firewall features should be used to develop rules for their firewall policy?

An engineer needs to allow a specific application to run. The engineer just finished creating an Exploit Prevention process exclusion. After applying the exclusion, the engineer notices the application is not being run. The following information is provided to the engineer:

Which of the following is the error with the engineer's exclusion?

Which of the following components can the Endpoint Migration Assistant tool migrate?

The ePO administrator sees the ENS firewall has been disabled on an endpoint in ePO. The end user states that no changes were made to the McAfee products on the endpoint in question. Which of the following questions should the administrator ask the end user about the McAfee icon to validate that the ENS firewall might be disabled?

The ePO administrators have already tuned and configured dynamic application containment rules within the policy. In which of the following ways will dynamic application containment protect against malware once enforcement is enabled?