DISA HBSS 201 ADMIN ePO 5.1 Practice Exam | Verified Questions & Answers | Graded A+

DISA HBSS 201 ADMIN ePO5.1 PRACTICE EXAM
QUESTIONS WITH VERIFIED SOLUTIONS
CURRENTLY TESTED AND GRADED A+ BEST
QUALITY EXAM


Which IPS policy determines what options are available to a client computer
with a HIPS client; including; whether or not the client icon appears in the
system tray; types of intrusion alerts; and password to allow access to the client
user interface? --CORRECT ANSWER--D. Client UI - testing



Which of the following is not a protection level defined in the IPS Protection
Policy? --CORRECT ANSWER--C. Log - testing



What are the four severity levels of signature in HIPS? --CORRECT
ANSWER--High, Medium, Low, Informational



The Client Task Catalog allows you to create which of the following? --
CORRECT ANSWER--B. Client task objects - testing



To verify that the IP address sorting criteria that has not been configured to
overlap between different groups; you can use which of the following options? -
-CORRECT ANSWER--C. Check IP Groups - testing




Page 1 of 38

,Which of the following is a valid statement regarding the task of managing
policies in ePO? --CORRECT ANSWER--B. When you assign a new policy to
a particular group of the Directory; then all systems under that group with
inheritance intact will inherit the new policy. -testing



Which statement is true concerning the ePO console? --CORRECT ANSWER--
A. It is web based and designed completely in HTML and JavaScript. - testing



Select the ePolicy Orchestrator component that provides the UI of the System
tree; sorting of nodes; tags and policies. --CORRECT ANSWER--Apache



In which order are HIPS Firewall rules processed to filter incoming packets? --
CORRECT ANSWER--Top to bottom



The Agent to Server Communication for the McAfee Agent is encrypted using
which of the following? --CORRECT ANSWER--TLS



Which answer lists ALL the layers of protection in the HIPS client? --
CORRECT ANSWER--Signature, behavioral and firewall protection



What column is not displayed in the Audit Log? --CORRECT ANSWER--
Failure




Page 2 of 38

,What is the default password for unlocking the client user interface when
troubleshooting the McAfee HIPS client? --CORRECT ANSWER--abcde12345



Which statement best defines Application Shielding in HIPS? --CORRECT
ANSWER--D. Applications can only hook to the processes that match the
digital signature imported into HIPS. - testing




What can be created to prevent interpreting a normal behavior as an attack? --
CORRECT ANSWER--Exception



Which executable runs the main HIPS service? --CORRECT ANSWER--
Firesvc.exe



How do yo uninstall the HIPS 7.0 client for Windows from a managed system?
--CORRECT ANSWER--Remove the extension from the ePO Server and
initiate the McAfee Agent wakeup call.( double check answer)



Assume three IPS policies are applied to a node; 1 default and 2 custom. The
default severity level is set to HIGH; 1 custom severity level is set to LOW and
the other custom is set to MEDIUM. What is the effective severity level
outcome for the applied policy? --CORRECT ANSWER--Low

Med

Least Restrictive - testing


Page 3 of 38

, Which ePO repository provides all updates to the ePO Master repository? --
CORRECT ANSWER--Source



Which is not a type of IPS Signature? --CORRECT ANSWER--Network
Signatures



If a connection is in the state table; what action will occur with future traffic for
that connection? --CORRECT ANSWER--Allow



Which ePO component gathers the events from the managed systems and
communicates them to the ePO server? --CORRECT ANSWER--McAfee
Agent



What are the four main types of Permission Sets in ePO? --CORRECT
ANSWER--Executive Reviewer; Global Reviewer; Group Admin; Group
Reviewer



To manually move a system from one group to another; you do which two
things with the system to move it to the other group? --CORRECT ANSWER--
A. Drag and drop - testing



Which ePO core component enforces the policies on the systems? --CORRECT
ANSWER--McAfee Agent


Page 4 of 38