Which of the following are the Boolean logic functions that can be used to create Correlation Rules?
The normalization value assigned to each data-source event allows
Which authentication methods can be configured to control alarm management privileges?
On the McAfee Enterprise Security Manager (ESM), the default Data Retention setting specifies that Event and Flow data should be maintained for
Which of the following is the minimum amount of disk space required to install the McAfee Enterprise Security Manager (ESM) as a virtual machine?
The analyst has created a correlation rule to correlate events from Anti-Virus (AV), Network Intrusion Prevention (NIPS) and the firewall. While reviewing just firewall events, the analyst notices a large spike in outbound Command and Control traffic; however, the correlation rule is not triggering. The analyst then looks at the Network IPS and the Anti-Virus views and notices there are no alerts for this traffic. Which of the following features of NIPS and AV are most likely turned off?