MA0-104 Exam Questions
63 real MA0-104 exam questions with expert-verified answers and explanations. Page 2 of 2.
- Question #57
Which of the following is the minimum number of CPUs required to build a virtual image Enterprise Security Manager (ESM)?
- Question #58
When a Correlation Rule successfully triggers, this occurs at the
- Question #59
How often does the configuration and policy data from the primary Enterprise Security Manager (ESM) get synchronized with the redundant ESM?
- Question #60
Where can the ESM event database archive inactive partitions?
- Question #61
One or more storage allocations, which together specify a total amount of storage, coupled with a data retention time that specifies the maximum number of days a log is to be store...
- Question #62
With regard to Data Source configuration and event collection what does the acronym CEF stand for?
- Question #63
Which authentication methods can be configured to control alarm management privileges?
- Question #64
The Global Blacklist feature can be used to block specific traffic from which of the following devices?
- Question #66
Analysts can effectively use the McAfee SIEM to identify threats by ?
- Question #67
Internet perimeter firewall data-sources provide excellent visibility into
- Question #68
Alarms using field match as the condition type allow for selected Actions to be taken when the Alarm condition is met. Which of the following McAfee ePolicy Orchestrator (ePO) Acti...
- Question #69
The historical ACE function allows the user to perform retrospective correlations on older data. In which of the following devices is the data located that the historical correlati...
- Question #70
Which of the following features of the Enterprise Log Manager (ELM) can alert the user if any data has been modified?