HBSS Flashcards

1
Q

a remote computing device that communicates back and forth with a network to which it’s connected

A

endpoint

2
Q

examples of endpoints

A

desktops, laptops, smartphones, tablets

3
Q

represent key vulnerable points of entry for cyber threat actors

A

endpoint

4
Q

HBSS detects nearly what % of malicious activity?

A

80%

5
Q

For every ten attacks, how many of them are detected on the endpoint?

A

8

6
Q

three primary components

A

database, ePO server, McAfee Agent

7
Q

application that runs on a server in an environment, manages and deploys products, handles agent callbacks

A

ePolicy Orchestrator (ePO)

8
Q

A repository is created by installing a McAfee ePO server on a system. True or False?

A

False

9
Q

Repositories manage policies, collect events and have a code installed on them. True or False?

A

False. They ain’t nothing more than a file share.

10
Q

houses your security software packages and their updates for distribution to your managed systems

A

repositories

11
Q

executable file generated by McAfee ePO server that provides secure communication between McAfee ePO and managed products

A

McAfee Agent

12
Q

provides protection against malicious files such as viruses, worms, Trojans, spyware and potentially unwanted programs

A

VirusScan Enterprise (VSE)

13
Q

prevents unwanted changes to your computer by restricting access to specified ports, files, shares, registry keys and registry values

A

Access Protection

14
Q

an extension to ePO that automates the process for risk and compliance system audits

A

McAfee Policy Auditor

15
Q

a collection of six open standards developed jointly by various United States government organizations and the private sector.

A

Security Content Automation Protocol

16
Q

this occurs when confidential or private information leaves the enterprise as a result of unauthorized communication through channels such as applications, physical devices or network protocols.

17
Q

identifies and protects data within your network (McAfee)

A

McAfee Data Loss Prevention

18
Q

unprotected systems are known as what?

A

rogue systems

19
Q

Rogue systems are often the weak spot of any security strategy. True or False?

20
Q

sensors that use various passive and active network discovery techniques to detect systems connected to the network

A

Rogue System Sensors

21
Q

When a rogue system sensor detects a system on the network, it sends a message to whom?

A

McAfee ePolicy Orchestrator (McAfee ePO)

22
Q

detects systems that are not under the protection of HBSS

A

Rogue System Detection (RSD)

23
Q

stores all data about managed systems, McAfee ePO, agent handlers, and repositories

24
Q

provides communications that occur at regular intervals between systems and server

A

Agent-Server Communication (ASSC) Connections

25
Q

for software updates, policy updates and reporting events, all McAfee agents will call back directly to what server?

A

ePO server

26
Q

name given to a capability to monitor, detect and counter known cyber threats to DoD networks

A

HBSS

27
Q

Which agent would monitor USB traffic, verify usernames and prevent the OS from seeing USB traffic from unauthorized devices? keyword: prevent OS

A

DLP Agent

28
Q

signatures distributed by McAfee Headquarters that are stored and distributed in virus definition files are called what?

A

.DAT files

29
Q

If you wanted detailed information on a virus or Trojan, you'd go to a threat library called what?

A

McAfee Labs

30
Q

host-based intrusion detection and prevention system that protects system resources and applications from external and internal attacks.

A

McAfee Host Intrusion Prevention

31
Q

what determines how to handle network traffic

A

Firewall rules