HBSS Flashcards
a remote computing device that communicates back and forth with a network to which it’s connected
endpoint
examples of endpoints
desktops, laptops, smartphones, tablets
represent key vulnerable points of entry for cyber threat actors
endpoint
HBSS detects nearly what % of malicious activity?
80%
For every ten attacks, how many of them are detected on the endpoint?
8
three primary components
database, ePO server, McAfee Agent
application that runs on a server in an environment, manages and deploys products, handles agent callbacks
ePolicy Orchestrator (ePO)
A repository is created by installing a McAfee ePO server on a system. True or False?
False
Repositories manage policies, collect events and have code installed on them. True or False?
False. They ain’t nothing more than a file share.
houses your security software packages and their updates for distribution to your managed systems
repositories
executable file generated by McAfee ePO server that provides secure communication between McAfee ePO and managed products
McAfee Agent
provides protection against malicious files such as viruses, worms, Trojans, spyware and potentially unwanted programs
VirusScan Enterprise (VSE)
prevents unwanted changes to your computer by restricting access to specified ports, files, shares, registry keys and registry values
Access Protection
an extension to ePO that automates the process for risk and compliance system audits
McAfee Policy Auditor
a collection of six open standards developed jointly by various United States government organizations and the private sector.
Security Content Automation Protocol
this occurs when confidential or private information leaves the enterprise as a result of unauthorized communication through channels such as applications, physical devices or network protocols.
data loss
identifies and protects data within your network (McAfee)
McAfee Data Loss Prevention
unprotected systems are known as what?
rogue systems
Rogue systems are often the weak spot of any security strategy. True or False?
True
sensors that use various passive and active network discovery techniques to detect systems connected to the network
Rogue System Sensors
When a rogue system sensor detects a system on the network, it sends a message to whom?
McAfee ePolicy Orchestrator (McAfee ePO)
detects systems that are not under the protection of HBSS
Rogue System Detection (RSD)
stores all data about managed systems, McAfee ePO, agent handlers, and repositories
Database
provides communications that occur at regular intervals between systems and server
Agent-Server Communication (ASSC) Connections
for software updates, policy updates and reporting events, all McAfee agents will call back directly to what server?
ePO server
name given to a capability to monitor, detect and counter known cyber threats to DoD networks
HBSS
Which agent would monitor USB traffic, verify usernames and prevent OS from seeing USB traffic from unauthorized devices? keyword: prevent OS
DLP Agent
signatures distributed by McAfee Headquarters that are stored and distributed in virus definition files are called what?
.DAT files
If you wanted detailed information on a virus or Trojan, you’d go to a threat library called what?
McAfee Labs
host-based intrusion detection and prevention system that protects system resources and applications from external and internal attacks.
McAfee Host Intrusion Prevention
what determines how to handle network traffic
Firewall rules