The security Analyst notices that there has been a large spike for Secure Shell (SSH) drops in the Network Intrusion Prevention System (NIPS). What other perimeter device will add more insight into what is happening?
By default, the McAfee Enterprise Security Manager (ESM) communicates with the McAfee Event Receiver (ERC) and McAfee Enterprise Log Manager (ELM) over port
Malware performing a network enumeration scan will be visible at the McAfee SIEM as
The possibility of both data source Network Interface Cards (NICs) using the shared IP and MAC address at the same time is eliminated by using which of the following?
To correlate known vulnerabilities to devices that are currently exposed to such vulnerabilities, which of the following must be selected on the Receiver?
A security administrator is configuring the Enterprise Security Manager (ESM) to comply with corporate security policy and wishes to restrict access to the ESM to certain users and machines. Which of the following actions would accomplish this?
