ESS (HBSS) OVERVIEW EXAM
QUESTIONS AND ANSWERS
ESS products: - Correct Answers -ePO ePolicy Orchestrator
CWS -cloud workload security
DXL- Data exchange layer
DLP-DCM Device control module
TACC (was MACC)-
TA Trellix agent (MA)-
ENS Endpoint Security-
PA policy auditor-
RSD rogue system detection
TIE
APS (an ePO extension)
DATT- ePO extension?
OAM- ePO extension
ePO extensions (3) - Correct Answers -APS
DATT
OAM
ENS Modules - Correct Answers -ENS TP Threat Prevention module (VSE and HIPS
replacement)
ENS FW Firewall module (HIPS replacement)
ENS WC Web Control module
DCM - Correct Answers -The Device Control Module (DCM) is a subset of the McAfee
product Data Loss Prevention (DLP). Within the current ESS project, DCM provides the
ability to restrict system access to peripheral devices such as thumb drives and other
removable storage. DCM is available from the patch repository.
TACC (was MACC) - Correct Answers -Trellix application and change control.
Used to whitelist and blacklist items. TACC is not required but people can ask for it.
prevents zero-day and advanced persistent threats by blocking the execution of
unauthorized applications while McAfee Change Control is monitoring and preventing
changes to the file system, registry, and user accounts.
APS - Correct Answers -The APS is aan ESS ePO extension, which is developed
utilizing ESS Software Development Kit (SDK) library. It accesses the Microsoft SQL
QUESTIONS AND ANSWERS
ESS products: - Correct Answers -ePO ePolicy Orchestrator
CWS -cloud workload security
DXL- Data exchange layer
DLP-DCM Device control module
TACC (was MACC)-
TA Trellix agent (MA)-
ENS Endpoint Security-
PA policy auditor-
RSD rogue system detection
TIE
APS (an ePO extension)
DATT- ePO extension?
OAM- ePO extension
ePO extensions (3) - Correct Answers -APS
DATT
OAM
ENS Modules - Correct Answers -ENS TP Threat Prevention module (VSE and HIPS
replacement)
ENS FW Firewall module (HIPS replacement)
ENS WC Web Control module
DCM - Correct Answers -The Device Control Module (DCM) is a subset of the McAfee
product Data Loss Prevention (DLP). Within the current ESS project, DCM provides the
ability to restrict system access to peripheral devices such as thumb drives and other
removable storage. DCM is available from the patch repository.
TACC (was MACC) - Correct Answers -Trellix application and change control.
Used to whitelist and blacklist items. TACC is not required but people can ask for it.
prevents zero-day and advanced persistent threats by blocking the execution of
unauthorized applications while McAfee Change Control is monitoring and preventing
changes to the file system, registry, and user accounts.
APS - Correct Answers -The APS is aan ESS ePO extension, which is developed
utilizing ESS Software Development Kit (SDK) library. It accesses the Microsoft SQL
