DISA HBSS 201 ADMIN ePO5.1(2023) EXAM 100 QUESTIONS AND CORRECT ANSWERS (100% VERIFIED ANSWERS) |AGRADE

DISA HBSS 201 ADMIN ePO5.1(2023) EXAM 100

QUESTIONS AND CORRECT ANSWERS (100%

VERIFIED ANSWERS) |AGRADE

Which ePO repository provides all updates to the ePO Master repository? -

ANSWER- Source

Which is not a type of IPS Signature? - ANSWER- Network Signatures

If a connection is in the state table; what action will occur with future traffic for

that connection? - ANSWER- Allow

Which ePO component gathers the events from the managed systems and

communicates them to the ePO server? - ANSWER- McAfee Agent

What are the four main types of Permission Sets in ePO? - ANSWER- Executive

Reviewer; Global Reviewer; Group Admin; Group Reviewer

To manually move a system from one group to another; you do which two things

with the system to move it to the other group? - ANSWER- A. Drag and drop -

testing

Which ePO core component enforces the policies on the systems? - ANSWERMcAfee Agent

In the Client Task Catalog you can export all of your client tasks into an XML file

that can be imported into another ePolicy Orchestrator Server. - ANSWER- True

From this list select the format that you cannot export your query results to. -

ANSWER- DOC - testing

Each Firewall Rule provides a set of conditions that which of the following has to

meet? - ANSWER- B. Computers - testing

Which IPS policy determines what options are available to a client computer with a

HIPS client; including; whether or not the client icon appears in the system tray;

types of intrusion alerts; and password to allow access to the client user interface? -

ANSWER- D. Client UI - testing

Which of the following is not a protection level defined in the IPS Protection

Policy? - ANSWER- C. Log - testing

What are the four severity levels of signature in HIPS? - ANSWER- High,

Medium, Low, Informational

The Client Task Catalog allows you to create which of the following? - ANSWERB. Client task objects - testing

To verify that the IP address sorting criteria that has not been configured to overlap

between different groups; you can use which of the following options? -

ANSWER- C. Check IP Groups - testing

Which of the following is a valid statement regarding the task of managing policies

in ePO? - ANSWER- B. When you assign a new policy to a particular group of the

Directory; then all systems under that group with inheritance intact will inherit the

new policy. -testing

Which statement is true concerning the ePO console? - ANSWER- A. It is web

based and designed completely in HTML and JavaScript. - testing

Select the ePolicy Orchestrator component that provides the UI of the System tree;

sorting of nodes; tags and policies. - ANSWER- Apache

In which order are HIPS Firewall rules processed to filter incoming packets? -

ANSWER- Top to bottom

The Agent to Server Communication for the McAfee Agent is encrypted using

which of the following? - ANSWER- TLS

Which answer lists ALL the layers of protection in the HIPS client? - ANSWERSignature, behavioral and firewall protection

What column is not displayed in the Audit Log? - ANSWER- Failure

What is the default password for unlocking the client user interface when

troubleshooting the McAfee HIPS client? - ANSWER- abcde12345

Which statement best defines Application Shielding in HIPS? - ANSWER- D.

Applications can only hook to the processes that match the digital signature

imported into HIPS. - testing

Which ePO user listed below can create and edit tags in ePO? - ANSWERAdministrator

What types of Tags can you create? - ANSWER- Tags without criteria and

Criteria-based tags

Public Queries exist in which of the following lists? - ANSWER- My Groups

Select the ePolicy Orchestrator component that caches policies to reduce database

reads and speed up ASCI time. - ANSWER- B. Apache

What ePO server task updates ePO distributed repositories from the master

repository? - ANSWER- Pull task

Which of the following can be created to prevent interpreting a normal behavior as

an attack? - ANSWER- Exception

How do you uninstall the HIPS client for Windows from a managed system? -

ANSWER- -Configure the IPS Options policy to disable IPS; Configure the

McAfee Agent deployment task to remove the HIPS client. - Testing.

Prior to imaging the system the registry entry for the McAfee Agent; which line

should be deleted? - ANSWER- -

HKEY_LOCAL_MACHINE\SOFTWARE\Network

Associates\ePO\Agent\EpoGUID - testing

Communications between Tomcat and the Web browser accessing the ePO console

is accomplished using what traffic through which port? - ANSWER- HTTPS. 8005

– Testing

A trusted network may be defined by all of the following except: - ANSWER- D.

Network Protocol

Agent Handlers consist primarily of what two services? - ANSWER- C. Apache

and Event Parser