Online 250-561 Test Brain Dump Question and Test Engine [Q38-Q58]

Rate this post

Online 250-561 Test Brain Dump Question and Test Engine

Real Symantec 250-561 Exam Dumps with Correct 72 Questions and Answers

Q38. Which report template includes a summary of risk distribution by devices, users, and groups?

Device Integrity

Threat Distribution

Comprehensive

Weekly

Q39. Which Security Control dashboard widget should an administrator utilize to access detailed areas for a given security control ?

Learn More

Quick Links

More Info

Latest Tasks

Q40. Which SEPM-generated element is required for an administrator to complete the enrollment of SEPM to the cloud console?

Token

SEPM password

Certificate key pair

SQL password

Q41. An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

Apply a list control

Apply a search rule

Apply a list filter

Apply a search modifier

Q42. Which SES advanced feature detects malware by consulting a training model composed of known good and known bad fries?

Signatures

Advanced Machine Learning

Reputation

Artificial Intelligence

Q43. Which Anti-malware technology should an administrator utilize to expose the malicious nature of a file created with a custom packet?

Sandbox

SONAR

Reputation

Emulator

Q44. In the ICDm, administrators are assisted by the My Task view. Which automation type creates the tasks within the console?

Artificial Intelligence

Machine Learning

Advanced Machine Learning

Administrator defined rules

Q45. Wh.ch Firewall rule components should an administrator configure to block facebook.com use during business hours?

Action, Hosts(s), and Schedule

Action, Application, and Schedule

Host(s), Network Interface, and Network Service

Application, Host(s), and Network Service

Q46. In which phase of MITRE framework would attackers exploit faults in software to directly tamper with system memory?

Exfiltration

Discovery

Execution

Defense Evasion

Q47. Which designation should an administrator assign to the computer configured to find unmanaged devices?

Discovery Broker

Discovery Agent

Discovery Manager

Discovery Device

Q48. Which Firewall Stealth setting prevents OS fingerprinting by sending erroneous OS information back to the attacker?

Disable OS fingerprint profiling

Disable OS fingerprint detection

Enable OS fingerprint masqueradi

Enable OS fingerprint protection

Q49. A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.
Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the behavior and kills Acrobat?

SONAR

Sapient

IPS

Emulator

Q50. Which two (2) steps should an administrator take to guard against re-occurring threats? (Select two)

Confirm that daily active and weekly full scans take place on all endpoints

Verify that all endpoints receive scheduled Live-Update content

Use Power Eraser to clean endpoint Windows registries

Add endpoints to a high security group and assign a restrictive Antimalware policy to the group

Quarantine affected endpoints

Q51. An endpoint fails to retrieve content updates.
Which URL should an administrator test in a browser to determine if the issue is network related?

https://liveupdate.symantec,com/livetri.zi

http://update.symantec.com/livetri.zip

https://spocsymantec.com/livetri.zip

https://update.symantec.com/livetri.zip

Q52. An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?

Add the file SHA1 to a blacklist policy

Increase the Antimalware policy Intensity to Level 5

Add the filename and SHA-256 hash to a Blacklist policy

Adjust the Antimalware policy age and prevalence settings

Q53. Which IPS Signature type is Primarily used to identify specific unwanted traffic?

Attack

Probe

Audit

Malcode

Q54. Which two (2) scan range options are available to an administrator for locating unmanaged endpoints? (Select two)

IP range within network

IP range within subnet

Entire Network

Entire Subnet

Subnet Range

Q55. Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

The Firewall Policy

The System Schedule Policy

The System Policy

The LiveUpdate Policy

Q56. Which option should an administrator utilize to temporarily or permanently block a file?

Delete

Hide

Encrypt

Blacklist

Q57. What must an administrator check prior to enrolling an on-prem SEPM infrastructure into the cloud?

Clients are running SEP 14.2 or later

Clients are running SEP 14.1.0 or later

Clients are running SEP 12-6 or later

Clients are running SEP 14.0.1 or late

Q58. Which technique randomizes the e memory address map with Memory Exploit Mitigation?

SEHOP

ROPHEAP

ASLR

ForceDEP

Loading …

Valid 250-561 Test Answers & Symantec 250-561 Exam PDF: https://www.prepawaypdf.com/Symantec/250-561-practice-exam-dumps.html

No related posts.

admin

Leave a Reply Cancel reply