Enforcing Policies Flashcards

1
Q

What is a policy?

A

A collection of settings for your managed point products that you create and configure, and then enforce

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What are the two default policies that are always included in every category?

A

McAfee Default and My Default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

When do managed systems receive policy changes (updates or different assignments) from ePO?

A

During Agent to Server communications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What are the times that policy enforcement can happen?

A

-Instantly
EX: The on access scan policy occurs when you start any application

-At ASC or PEI
EX: Product Deployment policy runs to confirm that the installed software versions on the managed systems match the versions on the Master Repository. If a new version is available, it is downloaded to all systems

-At configured Client Task intervals
EX: On-demand scan policy, by default, runs every day at midnight to scan all your managed systems for threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

How are policies assigned to systems?

A

Either by:

Inheritance - When a system or group of systems takes its policy settings from its parent group

or

Assignment - When an administrator assigns a policy to a system or group of systems. You can define a policy once for a specific need, then apply it to multiple locations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Is there a way to prevent the inheritance of policies from being broken on the systems/groups that are intended to inherit them?

A

Yes, you can lock inheritance at any level of the system tree

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

How does ownership affect policies?

A
  • The user that creates a policy is the assigned owner of that policy (if an admin creates it, it is simply owned by “administrators”)
  • You must have the correct permissions to edit a policy you don’t own
  • If you assign a policy you don’t own, and the owner modifies the policy, all systems that were assigned the policy receive the modifications
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What are the two different types of policy assignment rules?

A

User-based policies - Policies that are assigned with a user or group of users as the criteria. (Can also include system-based criteria)

System-based policies - Policies assigned based on specific locations in the system tree or based on tag applications (or both)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is a policy assignment rule?

A

A way to assign policies at a granular level without having to break inheritance.

An example of this would be if you had systems that were spread out into different locations throughout the system tree, and you wanted them to all have a certain policy, but you don’t want to compromise their current location in the system tree by creating a new group. You could utilize a system based PAR by assigning a specific tag to all of these systems and then creating the rule based on the assignment criteria of the aformentioned tag

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is a multi-slot policy?

A

A way to send more than 1 policy of a particular policy type to the client system.

Example: Assigning more than one Firewall rules policy, which will be merged and enforced on the client system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do User-based policy assignment rules work?

A

You create user specific policy assignments that are enforced at the target system when a user logs on

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

T/F: You can make User-Based policy assignments immediately after installing ePO?

A

False, you must first register and configured an LDAP server for use with your ePO server

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Describe a way to automate the creation of SuperAgents by utilizing the Tag and PAR features

A

Create an ‘isSuperAgent’ tag with a tag criteria based on the system attributes that you want your SuperAgents to possess.

Run the Tag Criteria so that it will be assigned to the applicable systems

Create a PAR at the My Organization level and then use the ‘isSuperAgent’ tag as the assignment criteria

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

T/F: If you create a PAR with a tag as a criteria, all systems that have been assigned that tag will receive the policy assignment immediately post creation of the rule

A

False, the systems will not receive the policy until they’ve checked into ePO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

T/F: You can create policies for a product prior to deploying it

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What locations can you manage Policy Enforcement Status from?

A
  • Assigned Policies tab of the System Tree

- Policy Catalog Page

17
Q

What happens if policy enforcement is turned off?

A

Systems in the specified group don’t receive
updated site lists during an agent-server communication. As a result, managed systems in the group might not function as expected.

For example, you might configure managed systems to communicate with Agent Handler A. If policy
enforcement is turned off, the managed systems do not receive the new site list with this information and the
systems report to a different Agent Handler listed in an expired site list.

18
Q

Why is it a good idea to leave a comment when you make a revision/change to a policy?

A

It provides a record of your changes

19
Q

Where can you access the various iterations/versions of each specific policy you’ve created?

A

The best place to see this is from the Policy History section, but Policy History entries also appear in the Server Task Log Details and Audit Log Details

20
Q

What actions can you take on past instances of policies found in the Policy History section?

A
  • You can revert to past instances of policies

- You can compare two versions of a policy

21
Q

What is the easiest way to compare two policies?

A

The ‘Policy Comparision’ Page allows you to compare two policies of the same type.

22
Q

What is the layout of the Policy Comparison Page?

A

You choose the Product, the Policy Category, and then which 2 policies you want to compare

At the top, it shows the number of settings that are identical, and the number of settings that are the same

Below, each individual setting are placed next to each other, so you can see what they are set to for each policy

23
Q

Is there a way to only see the differences between two policies?

A

Yes, click the “Show only differences button” in the top of the policy comparison page

24
Q

Can you change the ownership of a policy?

A

Yes, go to the policy catalog and click on the owner of the policy you want to modify in the policy details pane

25
Q

If you are moving or sharing a policy from an ePO server, what needs to be taken into consideration regarding the destination server?

A

The destination server cannot be a later version than the source server

26
Q

How do you share policies between servers?

A

First, you must register the desired destination server on the source server and enable the policy sharing field during the configuration process

Then, you should go to the policy catalog and find the policy you wish to share and click ‘share’ in the actions column

27
Q

How can you ensure that any changes you make to shared policies are pushed to sharing enabled McAfee ePO servers?

A

By using a server task to automate the “Share Policies” action on a scheduled basis

28
Q

T/F: You can use queries to see information regarding Applied Policies and Policy Assignment Broken Inheritance

A

True