HBSS practice test with complete verified
solutions 2025
What is HBSS - answer -host based security system on the individual workstation or the
host
-(COTS)
-monitor, detect, and counter against known cyber threats. -address known traffic exploits
What is HBSS on - answer Cyber Tasking Order (CTO) 07
12, US Cyber Command (USCYBERCOM) mandates that HBSS be installed on every DoD
system.
Why do we use HBSS - answer allows us to centralize the administration of security tools.
With this centralized administration we can control and monitor our different modules
(VSE, HIPS, DLP, and any other module that is installed on the host.
Who can you call for HBSS assistance - answer DISA
HBSS Components - answer -ePolicy Orchestrator Server
-the McAfee Agent
-the distributed repositories
-registered server
The ePO server - answer -application server that manages the suit of product
-contains the SQL database that stores logs, events, and policies
-contains the master repository which stores all products as well as software that is
deployable to the clients
, The McAfee Agent - answer installed on the clients and allows the ePO server to enforce
polices on the client machine
Distributed repositories - answer servers contain software packages for remote clients.
These repositories are known as SADRs and are similar to that of a WSUS
Registered servers - answer additional servers on your network that you register with
your ePO server to provide additional data such as LDAP, SNMP, and other ePO servers.
How HBSS components work together - answer Through the ePO's web interface create
the policies & tell each product how they will behave, then stored on the local ePO server,
agent on the client machine will pull the latest policy from the ePO server, enforce the last
policy as long as agent is running
Port 80 - answer -Agent to Server communication (TCP
-Inbound TCP. The ePO server listens for requests from McAfee Agents
Port 443 - answer -Agent to Server secure communication (TLS)
-Inbound TCP. The ePO server listens for TLS (SSL)-encrypted requests from McAfee
Agents
Port 591 - answer -Agent Wakeup Call
-Outbound TCP. For when the ePO server or an Agent Handler sends a Wakeup Call to a
managed machine.
Port 8005 - answer -Agent Handler Communication
-Inbound TCP. ePO Agent Handlers connect to this port during installation and updates
Port 8007 - answer -Console-to-application (HTTPS
-Inbound TCP. Port used to connect to the ePO web interface using HTTPS
solutions 2025
What is HBSS - answer -host based security system on the individual workstation or the
host
-(COTS)
-monitor, detect, and counter against known cyber threats. -address known traffic exploits
What is HBSS on - answer Cyber Tasking Order (CTO) 07
12, US Cyber Command (USCYBERCOM) mandates that HBSS be installed on every DoD
system.
Why do we use HBSS - answer allows us to centralize the administration of security tools.
With this centralized administration we can control and monitor our different modules
(VSE, HIPS, DLP, and any other module that is installed on the host.
Who can you call for HBSS assistance - answer DISA
HBSS Components - answer -ePolicy Orchestrator Server
-the McAfee Agent
-the distributed repositories
-registered server
The ePO server - answer -application server that manages the suit of product
-contains the SQL database that stores logs, events, and policies
-contains the master repository which stores all products as well as software that is
deployable to the clients
, The McAfee Agent - answer installed on the clients and allows the ePO server to enforce
polices on the client machine
Distributed repositories - answer servers contain software packages for remote clients.
These repositories are known as SADRs and are similar to that of a WSUS
Registered servers - answer additional servers on your network that you register with
your ePO server to provide additional data such as LDAP, SNMP, and other ePO servers.
How HBSS components work together - answer Through the ePO's web interface create
the policies & tell each product how they will behave, then stored on the local ePO server,
agent on the client machine will pull the latest policy from the ePO server, enforce the last
policy as long as agent is running
Port 80 - answer -Agent to Server communication (TCP
-Inbound TCP. The ePO server listens for requests from McAfee Agents
Port 443 - answer -Agent to Server secure communication (TLS)
-Inbound TCP. The ePO server listens for TLS (SSL)-encrypted requests from McAfee
Agents
Port 591 - answer -Agent Wakeup Call
-Outbound TCP. For when the ePO server or an Agent Handler sends a Wakeup Call to a
managed machine.
Port 8005 - answer -Agent Handler Communication
-Inbound TCP. ePO Agent Handlers connect to this port during installation and updates
Port 8007 - answer -Console-to-application (HTTPS
-Inbound TCP. Port used to connect to the ePO web interface using HTTPS
