McAfee
MA0-104 · Question #18
MA0-104 Question #18: Real Exam Question with Answer & Explanation
Sign in or unlock MA0-104 to reveal the answer and full explanation for question #18. The question stem and answer options stay visible for context.
Question
The analyst has created a correlation rule to correlate events from Anti-Virus (AV>, Network Intrusion Prevention (NIPS) and the firewall. While reviewing just firewall events, the analyst notices a large spike in outbound Command and Control traffic, however, the correlation rule is not triggering The analyst then looks at the Network IPS and the Anti- Virus views and notices there are no alerts for this traffic. Which of the following features of NIPS and AV are most likely turned off?
Options
- Adata -source events.
- BApplication Data Monitor (ADM) events.
- CDatabase Event Monitor (DEM) events.
- DEnhanced Log manager (ELM) entries.
Unlock MA0-104 to see the answer
You've previewed enough free MA0-104 questions. Unlock MA0-104 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.