Questions for the MA0-103 were updated on : Nov 21 ,2025
Page 1 out of 5. Viewing questions 1-15 out of 70
Question 1
To determine baseline conditions for DLP implementation, which of the following actions can the DLP End point Administrator perform?
A. Configure database statistics
B. Run the Policy Analyzer
C. Configure backward compatibility
D. Perform testing with various groups
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 2
To meet specific requirements for managed systems in four different regions, an organization has customized several values within DLPE Agent Configuration policies. The four different Agent Configuration policies have been applied to objects in the ePO System Tree. Prior to an upgrade the four different Agent Configuration policies can be backed up through which of the following methods?
A. The DLP Policy, File, Save as feature
B. The DLP Policy, File, Export Policy to HTML feature
C. The DLP Policy, File, Synchronize Templates feature
D. The McAfee ePolicy Orchestrator Policy Catalog feature
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 3
Which of the following organizational structures demonstrates strict compliance to Segregation of Duties?
A. Separate teams for Administration, Operations, Support, and Incident Management
B. Same team for Administration, Operations, Support, and Incident Management
C. Same team for Administration and Operations. Separate teams for Support, and Incident Management
D. Separate teams for Administration, and Operations. Same team for Support and Incident Management
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 4
How can the use of USB drives be identified?
A. Enable plug and play device rule to monitor USB plugs
B. Enable unmanageable device classes to monitor USB plugs
C. Enable fixed hard drive rule to monitor USB plugs
D. Enable removable file storage access to monitor USB plugs
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 5
How can remote users who are not connected to the corporate network be protected?
A. Enable online reactions within protection rules
B. Enable location-aware rules for offline users
C. Add local users to user assignment groups
D. Enable offline reactions within protection rules
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 6
By default, McAfee DLP will copy evidence to its configured share using which of the following accounts?
A. ePO Service Account
B. MCAFEE AGENT ACCOUNT
C. NETWORK SERVICE
D. Pre-defined service account
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 7
How long must the operational events be stored in the ePO database before purging?
A. As defined by the Acceptable Use Policy
B. As defined by the Risk Management Framework
C. As defined by the Auditor
D. As defined by the Data Retention Policy
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 8
What rule prevents unauthorized executables and potential malware from running directly from Removable Storage Devices?
A. Removable Storage Protection Rule
B. Removable Storage File Access Rule
C. Removable Storage Device Rule
D. Removable Storage File Block Rule
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 9
An executive sends merger documents to legal counsel. Policy dictates the documents should be encrypted, but they are being sent in plain text. What is the appropriate action to configure in such a case using DLPe protection rules?
A. Monitor the activity using a File System Protection Rule, store the evidence and notify the user.
B. Verify the violation and send an alert to the administrator.
C. An Email Protection Rule should be used to block the email unless the documents are encrypted.
D. Do nothing.
Answer:
C
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 10
How would internal users be prohibited from accessing local drives?
A. Enable fixed hard drive device rule
B. Enable blocking of local drives
C. Enable cloud protection rule
D. Enable monitoring and protection rule for all local drives
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 11
Which of the following is NOT a proactive approach to preventing performance issues?
A. Adding exclusions for security and indexing software
B. Removing unnecessary applications and application definitions from the policy
C. Disabling unused modules in Agent Configuration
D. Running a File System Discovery Scan
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 12
DLPe application strategies, in order of decreasing security, are:
A. Editor, Explorer, Trusted, Archiver
B. Trusted, Explorer, Editor, Archiver
C. Editor, Explorer, Archiver, Trusted
D. Secure, Trusted, Editor, Allow
Answer:
A
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 13
Which of the following statements is TRUE about Network Communication Protection Rules?
A. Protects files on specific file servers or mass storage devices
B. Interacts with Internet Protocol 6 (IPv6)
C. Blocks SMB connections
D. Terminates the connection
Answer:
D
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 14
How can users be prohibited from transferring sensitive files to attached storage devices?
A. Configure a digital rights management policy
B. Configure a Removable Storage Protection rule
C. Configure a Clipboard Protection rule
D. Notify users that sensitive files should not be copied
Answer:
B
User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
0/ 1000
Question 15
Which Corporate Security Policy affects the Evidence Share and ePO Database size and growth?