MA0-101 - McAfee Certified Product Specialist - NSP
Go back to
Identity Based Access Control cannot co-exist with which mode of NAC deployment on the same port?
DHCP based NAC
By default, sensors are configured to operate in which operating mode?
Which attack cannot be blocked when the sensor has been set for in-line mode?
TCP Control Anomaly
Which of the following rules do sub-interfaces inherit when they are created?
Sensor and port rules
Which database is supported for Network Security Manager?
Which of the following CLI commands only removes trust between a sensor and manager?
Which port needs to be opened for Alert Viewer communication between Client and Manager through a firewall?
Select the deployment method which enables the most effective Protection/Prevent on mode of operation.
What is the command to enable the sensor to forward all traffic at Layer 2 if a failure occurs?
Which port needs to be opened for install Channel communication between Sensor and Manager through a firewall?
Setting a threshold limit in order for the IPS to react if traffic volume exceeds this limit is an example of which type of detection method?
What is the command to force the sensor out of Layer 2 Passthru mode?
Layer2 mode deassert
Which command can be issued on a Sensor to check the health of the Sensor?
The Network Security Manager provides the following built-in Network Access Zones. (Choose three)
Allow DNS Access
Allow Full Access
Public Network Only
Which port is correctly defined for the Alert Channel on the Network Security Manager?
Which command allows an off-line signature file download from a tftp server when connectivity to the Manager is unavailable?
If the Health Level of the host cannot be determined, which of the following System Health Levels would be assigned?
Which of the following are the different operational modes of System Health based NAC? (Choose three)
Which operating mode allows a sensor lo prevent attacks from reaching their intended targets?
____________________are required to be configured before configuring the quarantine/pre- admission user classes or the quarantine DHCP server.
Wild Card DNS servers
What is the CLI command that enables the output of the MAC/IP address mapping table to the sensor debug files?
A sensor will redirect the host to which of the following when McAfee NAC reports the Host status as "unmanaged with an Unknown Health Level"?
Guest Client Portal
Which server type needs to be configured as a requirement before the Quarantined user classes and Quarantined DHCP server(s) are configured?
Wildcard DNS server
Which policy is assigned to a child domain by default?
The policy of the parent domain
Which of the following CLI commands removes trust between a sensor and manager, removes signatures and restores default port settings, but retains IP configuration?
A Sensor allows the option of Layer2 forwarding for which of the following?
TCP ports, UDP ports and VLAN interfaces
Policies can be configured to drop packets when which of the following has been defined?
The sensor is deployed in Inline mode
________________allows a host to be subjected to both DHCP based NAC and Identity Based Access Control when configured on different ports.
Which of the following deployment modes receives a copy of the packet from a mirrored switch port?
Which command is used to manually download signature tiles from the tftpserver when connectivity to the Manager is not available?
Which of the following should be applied to policies in both Inbound and Outbound directions?
Performance debugging mode can be enabled on a sensor for a specified time duration by issuing which of the following CLI commands?
sensor perf-debug 100
Which of the following items can an ACL not match?
Source IP address
Setting a threshold to allow an IPS to react when traffic volume exceeds the set limit is an example of what type of detection method?
Denial of Service
Why is the DBAdmin tool considered a preferred method of performing system maintenance tasks that could be performed within the Manager?
Saves additional workload on the Manager
Alert fillers can be applied lo which of the following sensor nodes?
Sensor interface and sub-interface node
When the buffer on the alert cache has been filled, what happens to current incoming alerts?
Incoming alerts are added to the cache and the oldest alerts are dropped
Which mode needs to be set to redirect an unmanaged system to the guest portal?
Which CLI command is used to copy sensor SSL certificates from external flash when replacing a failed sensor?
Which of the following activities require a reboot of a sensor? (Choose three)
Enabling/Disabling parsing and detection of attacks in IPv6 traffic
Sensor software upgrade
Where in the Network Security Manager console can you see a hierarchical view of all the installed applications currently deployed and the resources associated with each?
Which logs are used to determine who was logged into the Manager the last time a signature set update was pushed from the Manager to the Sensor?
User Activity Audit log
Which of the following commands will reestablish the Alert and packet log channel connection between the sensor and manager?
Which sensor action allows the detection and dropping of attacks in real-time?
Drop further packets
When creating policies, which of the following rule sets are available for selection within those policies?
Only rule sets created using the Rule Set Editor and Default rule sets
Which of the following deployment modes is not included in standard NAC?
DHCP based NAC
Which port needs to be opened for Alert Channel communication between Sensor and Manager through a firewall?
Which NSP sensor models support VLAN Bridging? (Choose three)
Malware Protection requires which of the following feature or features to be enabled?
HTTP response scanning
How are packet logs viewed from within the Manager?
Set the log to be viewable with Wireshark/Ethereal