Adaptive Security

1.

1 point

What enforces TIE Convictions?

VirusScan 8.8

Application Control 6.2

McAfee Web Gateway

Host Intrusion Prevention

2.

1 point

What company did McAfee acquire to add ATD into their portfolio?

Defense In Depth

Valid Edge

Solutionary

Securonix

3.

1 point

DXL stands for:

Decoding Excel Location

Data Exchange Layer

Data Exclusion Layer

Deployment Exchange Limit

4.

1 point

A Hub is:

Two Brokers

Three Brokers

Five Brokers

One Broker

5.

1 point

As it pertains to Intel Security's SIEM, the ACE is:

Advance Event Collector

Advanced Log Monitor

Database Event Monitor

Advanced Correlation Engine

6.

1 point

Policy changes between ePolicy Orchestrator and the products it manages occur through:

DXL

McAfee ePo Agent

MQTT

HTTPS

7.

1 point

What is the cumulative years of service between the 5 Intel Security employees here?

22

56

31

68

8.

1 point

If a file is old and has a high enterprise prevalence (>20%) and not packed suspiciously it is assumed:

Safe

Potentially Malicious

Malicious

Likely Safe

9.

1 point

A TIE Server can handle:

30,000 Endpoints

25,000 Endpoints

50,000 Endpoints

100,000 Endpoints

10.

1 point

When presented with an unknown file, Threat Intelligence Exchange will first:

Have ATD analyze it

Compare the file hash against the its DAT files

Run it through its Gateway Anti-Malware Scanning Engine

Compare the file hash with McAfee's Global Threat Intelligence

11.

1 point

DXL utilizes:

CoAP

MQTT

REST API

XMPP

12.

1 point

DXL is managed by

Advanced Thread Defense Console

The DXL Management Console

Local Client supported on Windows and OSX platforms

ePolicy Orchestrator Console

13.

1 point

ATD is currently supported in the following configuration(s):

As a Virtual Machine

As an Appliance

As a hosted Cloud solution

A combination of all 3

14.

1 point

DXL utilizes:

TLS 1.2 over port 8883

McAfee One Time Password

TLS 1.5 over port 8443

Endpoint Encryption over port 443

15.

1 point

Which 2 components are required in all Intel Security SIEM environments?

ESM and ELM

ESM and Receiver

ESM and ADM

ELM and DEM

16.

1 point

Artemis is Intel Security's:

Agent Deployment Utility

Known Threat Database

Message Broker

Scanning Engine

17.

1 point

When Network Security Platform sends a suspicious file sample to ATD, it will hold the file while waiting for a response for:

60 seconds

3 seconds

6 seconds

It will hold the file until it receives an answer

18.

1 point

Which SIEM component is required for compliance and provable log integrity

ESM

ACE

ELM

ADM

19.

1 point

SIEM event aggregation will:

Enrich the data collected

Combine multiple events into a single record

Keep more event information, but add to the storage needed

Add IP addresses to the TIE events

20.

1 point

The TIE/DXL solution requires:

ePO 5.1.1

McAfee Agent 5.0

DXL Client and TIE Client

All of the Above