
MA0-104 Intel Security Certified Product Specialist Questions and Answers

Questions 4

The McAfee SIEM baselines daily events over

Options:

A. three days
B. five days
C. seven days
D. nine days

Questions 5

Which of the following is the minimum amount of disk space required to install the McAfee Enterprise Security Manager (ESM) as a virtual machine?

Options:

A. 100 GB
B. 250 GB
C. 500 GB
D. 1 TB

Questions 6

Which of the following statements about Client Data Sources is TRUE?

Options:

A. They will have VIPS, Policy and Agent rights.
B. They will be displayed on the Receiver Properties > Data Sources table.
C. They will appear on the System Navigation tree.
D. They can have independent time zones.

Questions 7

Which authentication methods can be configured to control alarm management privileges?

Options:

A. SNMP
B. SSH Key Pair
C. Active Directory
D. Access Groups

Questions 8

Event Aggregation is performed on which of the following fields?

Options:

A. Signature ID, Destination IP, User ID
B. Source IP, Destination IP, User ID
C. Signature ID, Source IP, Destination IP
D. Signature ID, Source IP, User ID

Questions 9

Which of the following operations is NOT an available selection when using Multi-Device Management?

Options:

A. Reboot
B. Update
C. Start
D. Disable

Questions 10

One or more storage allocations, which together specify a total amount of storage, coupled with a data retention time that specifies the maximum number of days a log is to be stored, is known as a

Options:

A. Storage Volume.
B. Storage Pool.
C. Storage Device.
D. Storage Area Network (SAN).

Questions 11

If the maximum size for the Policy Change History log is reached, which of the following happens to new entries?

Options:

A. No new entries are added to the log.
B. A new log file is created and the old one is archived.
C. The oldest entries will be deleted to make way for the new entries.
D. The newest entries will be buffered until an Administrator creates a new log file.

Questions 12

Which of the following are the three compression ratios available for raw logs being handled by the ELM?

Options:

A. 10:1, 14:1, 19:1
B. 14:1, 18:1, 20:1
C. 14:1, 17:1, 21:1
D. 14:1, 17:1, 20:1

Questions 13

Zones allow a user to group devices and the events they generate by

Options:

A. Geographical location and IP reputation
B. Geographical reputation and IP Address
C. Geographical location and IP Address
D. Geographical location and File reputation

Questions 14

Which of the following is the minimum number of CPUs required to build a virtual image Enterprise Security Manager (ESM)?

Options:

A. Two units
B. Four units
C. Six units
D. Eight units

Questions 15

The ESM supports five Authentication methods. The default login option uses the standard Username and Password format. Which of the following are the other four methods available?

Options:

A. RADIUS, TACACS+, Active Directory, LDAP.
B. Active Directory, NTLM, TACACS+, LDAP.
C. LDAP, Active Directory, RADIUS, CAC.
D. CAC, LDAP, RADIUS, TACACS+.

Questions 16

While investigating beaconing Malware, an analyst can narrow the search quickly by using which of the following watchlists in the McAfee SIEM?

Options:

A. MTIE Suspicious and Malicious
B. TSI Suspicious and Malicious
C. GTI Suspicious and Malicious
D. MTI Suspicious and Malicious

Questions 17

In the Default Summary view on the Enterprise Security Manager (ESM), which of the following panels shows the baseline averages?

Options:

A. Event Summary
B. Normalized Event Summary
C. Event Distribution
D. Baseline Average

Questions 18

Which of the following are the Boolean logic functions that can be used to create Correlation Rules?

Options:

A. NOR and AND
B. AND and SET
C. OR and SET
D. OR and AND

Questions 19

When a Correlation Rule successfully triggers, this occurs at the

Options:

A. Correlation Element.
B. Correlation Processor.
C. Correlation Engine.
D. Correlation Manager.

Questions 20

Where can the ESM event database archive inactive partitions?

Options:

A. Storage on the hard disk of the ESM itself
B. Storage on the hard disk of the backup ESM
C. Storage on the ELM
D. Remote storage connected to the ESM

Questions 21

A security administrator is configuring the Enterprise Security Manager (ESM) to comply with corporate security policy and wishes to restrict access to the ESM to certain users and machines. Which of the following actions would accomplish this?

Options:

A. Configure the Access Control List and set up user accounts
B. Define user groups and set permissions based on IP
C. Assign AD users to computer assignment groups
D. Set up local accounts based on IP Zones

Exam Code: MA0-104
Exam Name: Intel Security Certified Product Specialist
Last Update: Apr 30, 2026
Questions: 70