MA0-104 Exam Dumps - McAfee ISCPS SIEM Questions and Answers

Which of the following is the minimum amount of disk space required to install the McAfee Enterprise Security Manager (ESM) as a virtual machine?

If the SIEM Administrator deploys the Enterprise Security Manager (ESM) using the Federal Information Processing Standards (FIPS) encryption mode, which of the following types of user authentication will NOT be compliant with FIPS?

With regard to Data Source configuration and event collection what does the acronym CEF stand for?

Which of the following two appliances contain Event databases?

How often does the configuration and policy data from the primary Enterprise Security Manager (ESM) get synchronized with the redundant ESM?

Which of the following are the Boolean logic functions that can be used to create Correlation Rules?

Zones allow a user to group devices and the events they generate by

Alarms using field match as the condition type allow for selected Actions to be taken when the Alarm condition is met. Which of the following McAfee ePolicy Orchestrator (ePO) Actions can be selected when creating such Alarm?

A McAfee Event Receiver (ERC) will allow for how many Correlation Data Sources to be configured?

Analysts can effectively use the McAfee SIEM to identify threats by ?