McAfee Advance Threat Defense - Training Quiz

Description

McAfee Advance Threat Defense - Training Quiz
esnlalan
Quiz by esnlalan, updated more than 1 year ago
esnlalan
Created by esnlalan over 9 years ago
119
0

Resource summary

Question 1

Question
Define Malware ?
Answer
  • Legitimate tool required for daily operation on windows system
  • Malicious software designed to steal information from owner machine
  • Key-logger

Question 2

Question
Which of the following is not a valid Virus Type with reference to computers? ( Choose correct Answer)
Answer
  • Multipartite Virus
  • Stealth Virus
  • MERS
  • Polymorphic Virus

Question 3

Question
Which of the below best describes Static Analysis of Malware ?
Answer
  • Excellent procedure for malware analysis since user does not need to take any event action or execute the file
  • User has to perform Action like event execution for the malware to note its behaviour
  • user should just wait for malware timer to expire and analyze result

Question 4

Question
Which of the following is a characteristic of a Trojan?
Answer
  • Automatically infects and spreads from computer to compute
  • Appears as a useful program to encourage propegation
  • Can only be spread through a network
  • Cannot be spread via social media

Question 5

Question
which of the following below product ATD cannot be integrated with ?
Answer
  • McAfee Web Gateway
  • McAfee NSP
  • McAfee Firewall Enterprise
  • McAfee Email Gateway

Question 6

Question
Which of the following below statement best describes Static Analysis on MATD Policy ?
Answer
  • Static malware analysis utilizes the computational capabilities of the platform to do in moments what a team of researchers could take weeks to accomplish. During static analysis any packed malware is unpacked. Often malware is packed to compress and modify the mal- ware in an attempt to frustrate efforts to analyze it. ATD has phenom- enal success in unpacking malware. The malware code is disassem- bled and reviewed to determine what would happen if the malware was successful in its function. It is important to note that the static analysis is much more than just header analysis
  • Static analysis involves running malware in sandbox environment and extract malicious code out of the file and report to the administrator
  • Static analysis is unique feature of MATD device to perform malware analysis on the malicious file with the help of GAM and GTI only . This identifies the code from the subject file and alert the administrator accordingly.

Question 7

Question
Define McAfee GTI ?
Answer
  • GTI is McAfee Appliance that can be used with McAfee Products to provide reputation based feature to customer network and information exchange
  • Global threat input
  • GTI is reputation database online available and cant be used with McAfee products
  • Global Threat Intelligence is McAfee’s cloud-based security offering. Using thousands of McAfee intelligent agents and devices, confiden- tial data can be correlated about suspicious files to quickly identify malware and determine changes in the threat landscape. These re- sults can be quickly disseminated throughout the cloud to inhibit the spread of infection

Question 8

Question
Which of the below file type is not supported by ATD appliance ?
Answer
  • .exe
  • .pub
  • .apk
  • .zip
  • .rar

Question 9

Question
Which of the below is Supported OS for ATD VM Creation
Answer
  • Windows ME
  • Windows 3.1
  • Windows 10
  • Windows 7 Professional (32bit)
  • None of The Above

Question 10

Question
Which of the following is supported language for Windows VM on ATD device ?
Answer
  • Arabic
  • Bangla
  • Malay
  • Japanese

Question 11

Question
Which of the below is the correct order of ATD Static Analysis scan ?
Answer
  • Local Whitelist -->Local Blacklist -->(GAM Emulation)-->GTI Reputation-->Sandbox
  • Local Whitelist -->Local Blacklist -->(sandbox)-->PDF SCAN- Emulation
  • Local Whitelist -->Local Blacklist -->(GAM Emulation)-->GTI Reputation-->MEG
  • Local Whitelist -->Local Blacklist -->(GAM Emulation)-->GTI Reputation-->McAfee AV Scan

Question 12

Question
Which port is used for SSH into ATD Appliance ?
Answer
  • 21
  • 22
  • 2211
  • 2222

Question 13

Question
Which of the following below is the correct BAUD rate for Serial connection to ATD device ?
Answer
  • 115000
  • 38400
  • 119200
  • 115200

Question 14

Question
Which of the following is correct command to set ATD appliance name( CLI) ?
Answer
  • Set Appliance Name
  • Set Name
  • Set sensor name

Question 15

Question
Which is the default credential for ATD web admin console login ?
Answer
  • admin123
  • admin123$
  • admin

Question 16

Question
What of the following mode is currently supported for deployment of ATD appliance ?
Answer
  • Inline mode
  • SPAN MODE
  • Standalone mode
  • TAP MODE

Question 17

Question
which of the following below is correct credential for CLI login to ATD ( Above Version 3.2.0) ?
Answer
  • atdadmin/atdadmin
  • admin/admin
  • cliadmin/atdadmin

Question 18

Question
Which of the following below command can be used to view ATD Appliance details ( System IP, Software Version )?
Answer
  • Status
  • show system status
  • show

Question 19

Question
What is the result of the command "Factorydefault" ?
Answer
  • Wipes all default configuration and keeps network configuration only
  • Rest admin credentials and removes all the VM images/profile
  • Resets the active disk to defaults. This deletes all IP addresses, results, logs and VM’s on the active disk and restores it with the backup disk

Question 20

Question
What is the maximum number of VM supported on ATD 6000 Appliance ?
Answer
  • 30
  • 45
  • 50
  • 60

Question 21

Question
what does Reset database option do the ATD device configuration (if checked while upgrade)?
Answer
  • The Reset Database checkbox will reset all analyzer policies and VM profiles and delete any analysis samples on the ATD appliance. This will NOT remove any virtual machines that have been uploaded to the appliance.
  • The Reset Database checkbox will reset all analyzer policies and VM profiles and delete any analysis samples on the ATD appliance. This will remove virtual machines that have been uploaded to the appliance.
  • The Reset Database checkbox will reset all analyzer policies and VM profiles and delete any analysis samples on the ATD appliance. This will remove virtual machines and user configuration from appliance.

Question 22

Question
Command " Copy to backup"
Answer
  • is used to backup the active disk to the backup before an upgrade
  • is used to backup the second disk before an upgrade
  • is used to backup the redundant disk before an upgrade

Question 23

Question
What is the correct command to add whitelist entry to ATD Appliance ?
Answer
  • whitelist entry update
  • whitelist entry add
  • whitelist add

Question 24

Question
Can you delete default ATD admin user account ?
Answer
  • Yes
  • No

Question 25

Question
Which protocol is used for integration with McAfee Web Gateway and ATD ?
Answer
  • SMP
  • SAML
  • REST

Question 26

Question
What is benefit of ePO integration with ATD device ?
Answer
  • ePO provides user name to ATD
  • User Machine MAC Address
  • TARGET OS can be provided to ATD

Question 27

Question
ATD Architecture is based on
Answer
  • VMWARE
  • HYPER-V
  • Type 1 Hypervisor

Question 28

Question
Define Support Bundle ?
Answer
  • The support bundle is a .tgz of the system log files, any diagnostic files and some additional miscellaneous log files for McAfee Customer Support. After clicking the button a prompt is given for a McAfee Support Ticket number
  • The support bundle is a .tgz of the system log files, VM image files and some additional information for McAfee Customer Support. After clicking the button a prompt is given for a McAfee Support Ticket number
  • The support bundle is a .tgz of the system log files, audit log files and some additional information for McAfee Customer Support. After clicking the button a prompt is given for a McAfee Support Ticket number

Question 29

Question
which of the following is not a default user account on ATD appliance ?
Answer
  • admin
  • mwg
  • nsp
  • atdadmin
  • apoadmin

Question 30

Question
which of the following is not a default role on ATD appliance ?
Answer
  • Admin
  • Web Access
  • Ftp Access
  • Restful Access
  • Telnet Access

Question 31

Question
What is real internet mode ?
Answer
  • If Internet connectivity is enabled in the analyz- er profile, McAfee Advanced Threat Defense uses this mode. McAfee Advanced Threat Defense provides a real Internet connection through the management port, which is publicly routed as directed by the ATD network configuration. The interface port that ATD uses to connect to the internet using this mode can be designated in ATD 3.2.0 and later.
  • If Internet connectivity is enabled in the analyz- er profile, McAfee Advanced Threat Defense uses this mode. McAfee Advanced Threat Defense provides a real Internet connection through the management port, which is publicly routed as directed by the ATD network configuration. The interface port that ATD uses to connect to the internet using this mode can be designated in ATD 3..0.4 only
  • If Internet connectivity is enabled in the analyz- er profile, McAfee Advanced Threat Defense uses this mode. McAfee Advanced Threat Defense provides a real Internet connection through the management port, which is publicly routed as directed by the ATD network configuration. The interface port that ATD uses to connect to the internet using this mode can be designated in ATD 3.0.5 only

Question 32

Question
what is the property used in McAfee Web Gateway ruleset for Anti malware threshold trigger ?
Answer
  • Antimalware.Proactive. Absolute
  • Antimalware.Proactive. Minimum
  • Antimalware.Proactive. Probablility

Question 33

Question
What is the value of Scan timeout of MWG appliance for ATD analysis results ?
Answer
  • 10 hours
  • 10 seconds
  • 20 minutes
  • 5 seconds
  • 10 minutes

Question 34

Question
what is minimum version of Web Gateway required to support ATD device ?
Answer
  • 7.1.0
  • 7.3.0
  • 7.3.2
  • 7.4.x

Question 35

Question
What is maximum supported file size limit for malware analysis (send file) from NSP ?
Answer
  • 10 MB
  • 15 MB
  • 20 MB
  • 128 MB
  • 25 MB

Question 36

Question
ATD appliances are only involved in the Detection & Analysis step of an Incident Response cycle ?
Answer
  • True
  • False
Show full summary Hide full summary

Similar

CCNA Security 210-260 IINS - Exam 3
Mike M
CCNA Security Final Exam
Maikel Degrande
Spyware
Sam2
Professional, Legal, and Ethical Issues in Information Security
mfundo.falteni
CyberSecurity
Stephen Williamson
Security Policies
indysingh7285
Cisco IT Essentials 7.0 | Chapter 13: Security Exam
dksajpigbdu asdfagdsga
FIT3031 - Network Security Exam Practice
Nicholas Bagnall
The Vulnerability–Threat–Control Paradigm
Steve Ramirez
Cybersecurity: A Thorny Issue in Remote Working for CHROs
TOP CHRO
CYBERSECURITY
Donavan Moss