Part 5

Question 1

What are the options for VM Ware right click on a machine?

Answer 1

Power off
Shutdown guest
Restart guest
Reset

Question 2

What does the CNDOSE server use to host and manage its virtual machines?

Answer 2

VMware ESX

Question 3

What provides database services for HBSS and record systems info, log info, and reports for all HBSS functions within managed computers?

Answer 3

MSSQL microsoft sql

Question 4

What proactively guards against intrusion by regularly testing the integrity of the network to uncover and fix potential security weaknesses

Answer 4

SCCVI

Question 5

Used by the DoD to scan assets for compliance

Answer 5

ACAS

Question 6

A GUI is available for easy configuration and management of ESX as well as the virtual machines within

Answer 6

vSphere client

Question 7

Console Tab

Answer 7

To access a virtual machine via vSphere client select the virtual machine from the left pane and click the console tab

Question 8

To allow full screen view of a virtual machine within the vSphere client select the virtual machine from the left pane and select the console icon (computer with a green arrow)

Answer 8

Console window

Question 9

What is the prefered method of accessing the virtual machines as it is less resource intensive?

Answer 9

Microsoft RDP

Question 10

What is the automatic startup process?

Answer 10

MSSQL
Then ACAS/SCCVI
Then HBSS

Question 11

What are two primary services?

Answer 11

SQL Server

SQL Server Agent

Question 12

What is necessary for HBSS

Answer 12

MSSQL is required or ePO wont start

Question 13

What provides protection against known virus and malware attacks in the real time, protection from blended attacks and on-demand virus scanning and monitoring capabilities

Answer 13

McAffee VSE

Question 14

T or F

McAffee VSE is active, it puts files found into Quarentine

Answer 14

True

Question 15

What gives admins the ability to know when a wodespread infection may be occuring so they will be able to stop the proliferation of a virus on their networks?

Answer 15

Consolidated reporting of events detected by VSE

Question 16

Where are VSE logs inside ePO?

Answer 16

Menu > Reporting > Threat Event Log

Question 17

What provides network admins and security personnel with tools to prevent, detect, track, report, and remediate malicious computer related activities and incidents across all DoD networks and information systems?

Answer 17

HBSS - Host Based Security System

Question 18

What occurs when a program or process stores more data in memory than is provided for, forcing excess data to overflow into adjacent memory areas?

Answer 18

Buffer overflow

Question 19

What is when a user or organization is deprived of a resource that they would normally expect to have?

Answer 19

Denial of Service

Question 20

What occurs on a network where the attacker captures or redirects the communications between two computers?

Answer 20

Man In The Middle MITM

Question 21

What is designed to protect your environment from viruses, worms, and Trojan horses?

Answer 21

VSE

Question 22

What are the four default permission sets?

Answer 22

Executive reviewer
Global reviewer
Group admin
Group reviewer

Question 23

Who can assign existinf permission sets when creating or editing user accounts and when creating or editing permission sets?

Answer 23

Global Admins

Question 24

What are a group of permissions that can be granted to any user or Active Directory by assigning it to those user accounts?

Answer 24

Permission sets

Question 25

Who provides view permissions to dashboards, events, and contacts as well as information relating to the entire System Tree

Answer 25

Executive Reviewer

Question 26

Who has view permissions across ePO features?

Answer 26

Global Reviewer

Question 27

Where are custom shipboard permission sets created?

Answer 27

Global Network Operation Support Center GNOSC

To assign shipboard administrators the appropriate permissions

Question 28

What cannot be renamed or deleted?

Answer 28

Lost and Found

Question 29

Tags allow what?

Answer 29

Manually tag managed systems

Tag unmanaged systems that have been added to the System Tree

Question 30

What are two types of tags?

Answer 30

Criteria based

Tags without criteria

Question 31

How is the GUID created?

Answer 31

During the install process of McAfee, using the MAC address and system name

Question 32

What is an agent that can broadcast wake up calls to other McAfee agents located on the same VLAN or subnet?

Answer 32

Super Agent

Question 33

What take an active role in the prevention and reporting of attacks?

Answer 33

Active point products

Question 34

Host Intrusion Prevention System Subagent

Answer 34

Most significant and active component of HBSS

Question 35

Device Control Module

Answer 35

Active agent enforces policy in DLP

Question 36

Asset Baseline Monitor

Answer 36

Passive

Question 37

Policy Auditor

Answer 37

Passive

Question 38

Rogue System Sensor

Answer 38

Passive - monitors layer 2 traffic

Question 39

VSE

Answer 39

Active

Question 40

How many agents per subnet

Answer 40

2

Question 41

Install.sh

/etc/spawar/secure/dns-3.0.xx/epo

Root as owner

Answer 41

700

Manually install on non windows systems

Question 42

Framepkg.exe file contains what?

Answer 42

All mecessary information that a client will need to install McAffee agent and communicate with the ePO server

Question 43

What 3 key things does ths framework package contain?

Answer 43

Drivers
EPO server info
Encryption keys

Question 44

How often is the default policy enforcememt for CND?

Answer 44

15 min

Question 45

What will overwrite if already exists?

Answer 45

Agent_machinelog_backup.log

Question 46

What CTO enforces HBSS compliance?

Answer 46

JTF GNO CTO 12-1016

Question 47

Do we want embark admins to admin their stuff?

Answer 47

Yes

Question 48

Pg 1239…

By creatinf permission sets group admins can have all permissions required to administer their individual assets while preventing access to the rest of the ships network

Answer 48

True

Question 49

Embarkable remove their agent before coming onboard

Answer 49

Ship admin creates system tree and applies policy before objects are added so it is automatically enforced

Question 50

ABM activity and baseline

Answer 50

You need a baseline first before activity as activity shows you since baseline differences

Question 51

What is the main HIP service?

Answer 51

Firesvc.exe

Question 52

Host DLP agent service that sends events to server?

Answer 52

FCAGS.exe

Question 53

What does SADR stand for?

Answer 53

Super Agent Distributed Repository

Master repository > SADR > Agent

Every agent server still communicates to shore it does not bypass

Question 54

What dorectory contains policies that have been consolidatwd dor a given module?

Answer 54

Comprehensive

Question 55

What 2 HIP are called Multiple instances or stackable policies can be assigned to a single node are called?

Answer 55

IPS Rules and Trusted Applications

Question 56

Policy assigned by Inheritance or Assignment are divided into what 3 parts?

Answer 56

Site
Single system
Node with multiple policies

Question 57

Assignment locking prevents other users with appropriate permissions at the same level of the system tree from inadvertently replacing a policy

Answer 57

True