McAfee Intel Security Certified Product Specialist-SIEM - MA0-104 Exam Practice Test

Which of the following is the name of the Dashboard View that shows correlated events for the selected
Data Source?
Correct Answer: A
The ESM database is unavailable for use during
Correct Answer: B
On the McAfee Enterprise Security Manager (ESM), the default Data Retention setting specifies that Event
and Flow data should be maintained for
Correct Answer: B
With regard to Data Source configuration and event collection, what does the acronym CEF stand for?
Correct Answer: B
The possibility of both data source Network Interface Cards (NICs) using the shared IP and MAC address
at the same time is eliminated by using which of the following?
Correct Answer: A
A SIEM gives an organization the ability to correlate seemingly disparate streams of traffic into a central
console for analysis. This correlation, in many cases, can point out activities that might otherwise go
undetected. This type of detection is also known as
Correct Answer: C
Which of the following features of the Enterprise Log Manager (ELM) can alert the user if any data has
been modified?
Correct Answer: B