MA0-104 Intel Security Certified Product Specialist Question and Answers

In the Default Summary view on the Enterprise Security manager (ESM). which of the following panels shows the baseline averages?

Reports can be created by selecting the ESM System Properties window, the Reports Icon in the top right of the ESM screen or by which of the following other method selecting the ESM System Properties window, the Reports Icon in the top right of the ESM screen or by which of the following other methods within Alarm Creation?

A McAfee Event Receiver (ERC) will allow for how many Correlation Data Sources to be configured?

If there is no firewall at the border of the network, which of the following could be used to simulate the protection a firewall provides?

Which authentication methods can be configured to control alarm management privileges?

Which of the following is the default port used to communicate between McAfee SIEM devices?

 

A SIEM allows an organization the ability to correlate seemingly disparate streams of traffic into a central console for analysis. This correlation, in many cases, can point out activities that might otherwise go undetected This type of detection is also known as