HBSS 501 Questions and Answers(A+ Solution guide)

1. CND Services include Prepare; Protect and _________ - -Respond 2. What action should be taken if an event is found to be a false positive? - -Start the tuning process 3. Which product is responsible for collecting endpoint properties and policy enforcement? - - McAfee HIPS (?) 4. What is the correct order for prioritizing events? - -Severity; Action Taken; Volume 5. An admin creates ___________ to manage the software installed on the endpoint. - -Policies 6. Which HIPS label shows the friendly name of a HIPS event? - -Signature Name 7. Which of the following is not true about ArcSight and situational awareness? - -Prevention 8. In order to manage an endpoint; ___________ must be installed. - -McAfee Agent (?) 9. A dashboard is a collection of __________ shown together in the same location. - -Monitors 10. Which VSE label shows the friendly name of a VSE event? - -Threat Name 11. Which feature does HIPS and VSE both have in common but is disabled on one when both are installed on the same endpoint? - -Buffer Overflow Protection 12. Which query filter label helps group similar data for VSE? - -Threat Type13. As an Analyst; your duty includes reviewing all the data collected by the ePO server. - -False (?) 14. Which of the following is a valid query output? - -All of the above (?) 15. __________ queries are created specifically to gather HBSS related compliance data. - - Enhanced Reporting 16. Which of the following VSE events should get the highest priority? - -Virus detected and not cleaned (?) 17. In which query builder menu do you select the data source; i.e. Managed Systems or Threat Events? - -Result Type 18. You can import a query that was created on a different ePO server. - -True (?) 19. In which of the following is process improvement and recommendations made? - -Respond 20. Which label identifies the managed product by friendly name? - -Detecting Product Name 21. HIPS 8 does not have the following feature: - -Application Blocking