2621468
Question 1
Question
Define Malware ?
Answer
-
Legitimate tool required for daily operation on windows system
-
Malicious software designed to steal information from owner machine
-
Key-logger
Question 2
Question
Which of the following is not a valid Virus Type with reference to computers? ( Choose correct Answer)
Answer
-
Multipartite Virus
-
Stealth Virus
-
MERS
-
Polymorphic Virus
Question 3
Question
Which of the below best describes Static Analysis of Malware ?
Answer
-
Excellent procedure for malware analysis since user does not need to take any event action or execute the file
-
User has to perform Action like event execution for the malware to note its behaviour
-
user should just wait for malware timer to expire and analyze result
Question 4
Question
Which of the following is a characteristic of a Trojan?
Answer
-
Automatically infects and spreads from computer to compute
-
Appears as a useful program to encourage propegation
-
Can only be spread through a network
-
Cannot be spread via social media
Question 5
Question
which of the following below product ATD cannot be integrated with ?
Answer
-
McAfee Web Gateway
-
McAfee NSP
-
McAfee Firewall Enterprise
-
McAfee Email Gateway
Question 6
Question
Which of the following below statement best describes Static Analysis on MATD Policy ?
Answer
-
Static malware analysis utilizes the computational capabilities of the platform to do in moments what a team of researchers could take weeks to accomplish. During static analysis any packed malware is unpacked. Often malware is packed to compress and modify the mal- ware in an attempt to frustrate efforts to analyze it. ATD has phenom- enal success in unpacking malware. The malware code is disassem- bled and reviewed to determine what would happen if the malware was successful in its function. It is important to note that the static analysis is much more than just header analysis
-
Static analysis involves running malware in sandbox environment and extract malicious code out of the file and report to the administrator
-
Static analysis is unique feature of MATD device to perform malware analysis on the malicious file with the help of GAM and GTI only . This identifies the code from the subject file and alert the administrator accordingly.
Question 7
Question
Define McAfee GTI ?
Answer
-
GTI is McAfee Appliance that can be used with McAfee Products to provide reputation based feature to customer network and information exchange
-
Global threat input
-
GTI is reputation database online available and cant be used with McAfee products
-
Global Threat Intelligence is McAfee’s cloud-based security offering. Using thousands of McAfee intelligent agents and devices, confiden- tial data can be correlated about suspicious files to quickly identify malware and determine changes in the threat landscape. These re- sults can be quickly disseminated throughout the cloud to inhibit the spread of infection
Question 8
Question
Which of the below file type is not supported by ATD appliance ?
Answer
-
.exe
-
.pub
-
.apk
-
.zip
-
.rar
Question 9
Question
Which of the below is Supported OS for ATD VM Creation
Answer
-
Windows ME
-
Windows 3.1
-
Windows 10
-
Windows 7 Professional (32bit)
-
None of The Above
Question 10
Question
Which of the following is supported language for Windows VM on ATD device ?
Answer
-
Arabic
-
Bangla
-
Malay
-
Japanese
Question 11
Question
Which of the below is the correct order of ATD Static Analysis scan ?
Answer
-
Local Whitelist -->Local Blacklist -->(GAM Emulation)-->GTI Reputation-->Sandbox
-
Local Whitelist -->Local Blacklist -->(sandbox)-->PDF SCAN- Emulation
-
Local Whitelist -->Local Blacklist -->(GAM Emulation)-->GTI Reputation-->MEG
-
Local Whitelist -->Local Blacklist -->(GAM Emulation)-->GTI Reputation-->McAfee AV Scan
Question 12
Question
Which port is used for SSH into ATD Appliance ?
Answer
-
21
-
22
-
2211
-
2222
Question 13
Question
Which of the following below is the correct BAUD rate for Serial connection to ATD device ?
Answer
-
115000
-
38400
-
119200
-
115200
Question 14
Question
Which of the following is correct command to set ATD appliance name( CLI) ?
Answer
-
Set Appliance Name
-
Set Name
-
Set sensor name
Question 15
Question
Which is the default credential for ATD web admin console login ?
Answer
-
admin123
-
admin123$
-
admin
Question 16
Question
What of the following mode is currently supported for deployment of ATD appliance ?
Answer
-
Inline mode
-
SPAN MODE
-
Standalone mode
-
TAP MODE
Question 17
Question
which of the following below is correct credential for CLI login to ATD ( Above Version 3.2.0) ?
Answer
-
atdadmin/atdadmin
-
admin/admin
-
cliadmin/atdadmin
Question 18
Question
Which of the following below command can be used to view ATD Appliance details ( System IP, Software Version )?
Answer
-
Status
-
show system status
-
show
Question 19
Question
What is the result of the command "Factorydefault" ?
Answer
-
Wipes all default configuration and keeps network configuration only
-
Rest admin credentials and removes all the VM images/profile
-
Resets the active disk to defaults. This deletes all IP addresses, results, logs and VM’s on the active disk and restores it with the backup disk
Question 20
Question
What is the maximum number of VM supported on ATD 6000 Appliance ?
Answer
-
30
-
45
-
50
-
60
Question 21
Question
what does Reset database option do the ATD device configuration (if checked while upgrade)?
Answer
-
The Reset Database checkbox will reset all analyzer policies and VM profiles and delete any analysis samples on the ATD appliance. This will NOT remove any virtual machines that have been uploaded to the appliance.
-
The Reset Database checkbox will reset all analyzer policies and VM profiles and delete any analysis samples on the ATD appliance. This will remove virtual machines that have been uploaded to the appliance.
-
The Reset Database checkbox will reset all analyzer policies and VM profiles and delete any analysis samples on the ATD appliance. This will remove virtual machines and user configuration from appliance.
Question 22
Question
Command " Copy to backup"
Answer
-
is used to backup the active disk to the backup before an upgrade
-
is used to backup the second disk before an upgrade
-
is used to backup the redundant disk before an upgrade
Question 23
Question
What is the correct command to add whitelist entry to ATD Appliance ?
Answer
-
whitelist entry update
-
whitelist entry add
-
whitelist add
Question 24
Question
Can you delete default ATD admin user account ?
Answer
-
Yes
-
No
Question 25
Question
Which protocol is used for integration with McAfee Web Gateway and ATD ?
Answer
-
SMP
-
SAML
-
REST
Question 26
Question
What is benefit of ePO integration with ATD device ?
Answer
-
ePO provides user name to ATD
-
User Machine MAC Address
-
TARGET OS can be provided to ATD
Question 27
Question
ATD Architecture is based on
Answer
-
VMWARE
-
HYPER-V
-
Type 1 Hypervisor
Question 28
Question
Define Support Bundle ?
Answer
-
The support bundle is a .tgz of the system log files, any diagnostic files and some additional miscellaneous log files for McAfee Customer Support. After clicking the button a prompt is given for a McAfee Support Ticket number
-
The support bundle is a .tgz of the system log files, VM image files and some additional information for McAfee Customer Support. After clicking the button a prompt is given for a McAfee Support Ticket number
-
The support bundle is a .tgz of the system log files, audit log files and some additional information for McAfee Customer Support. After clicking the button a prompt is given for a McAfee Support Ticket number
Question 29
Question
which of the following is not a default user account on ATD appliance ?
Answer
-
admin
-
mwg
-
nsp
-
atdadmin
-
apoadmin
Question 30
Question
which of the following is not a default role on ATD appliance ?
Answer
-
Admin
-
Web Access
-
Ftp Access
-
Restful Access
-
Telnet Access
Question 31
Question
What is real internet mode ?
Answer
-
If Internet connectivity is enabled in the analyz- er profile, McAfee Advanced Threat Defense uses this mode. McAfee Advanced Threat Defense provides a real Internet connection through the management port, which is publicly routed as directed by the ATD network configuration. The interface port that ATD uses to connect to the internet using this mode can be designated in ATD 3.2.0 and later.
-
If Internet connectivity is enabled in the analyz- er profile, McAfee Advanced Threat Defense uses this mode. McAfee Advanced Threat Defense provides a real Internet connection through the management port, which is publicly routed as directed by the ATD network configuration. The interface port that ATD uses to connect to the internet using this mode can be designated in ATD 3..0.4 only
-
If Internet connectivity is enabled in the analyz- er profile, McAfee Advanced Threat Defense uses this mode. McAfee Advanced Threat Defense provides a real Internet connection through the management port, which is publicly routed as directed by the ATD network configuration. The interface port that ATD uses to connect to the internet using this mode can be designated in ATD 3.0.5 only
Question 32
Question
what is the property used in McAfee Web Gateway ruleset for Anti malware threshold trigger ?
Answer
-
Antimalware.Proactive. Absolute
-
Antimalware.Proactive. Minimum
-
Antimalware.Proactive. Probablility
Question 33
Question
What is the value of Scan timeout of MWG appliance for ATD analysis results ?
Answer
-
10 hours
-
10 seconds
-
20 minutes
-
5 seconds
-
10 minutes
Question 34
Question
what is minimum version of Web Gateway required to support ATD device ?
Answer
-
7.1.0
-
7.3.0
-
7.3.2
-
7.4.x
Question 35
Question
What is maximum supported file size limit for malware analysis (send file) from NSP ?
Answer
-
10 MB
-
15 MB
-
20 MB
-
128 MB
-
25 MB
Question 36
Question
ATD appliances are only involved in the Detection & Analysis step of an Incident Response cycle ?
Answer
-
True
-
False
Want to create your own Quizzes for free with GoConqr? Learn more.