New ActualVCE 250-561 Exam Questions Real 250-561 Dumps Updated on Dec 04, 2024 [Q33-Q58]


250-561 Braindumps – 250-561 Questions to Get Better Grades

NEW QUESTION # 33
Which security threat uses malicious code to destroy evidence, break systems, or encrypt data?

  • A. Impact
  • B. Execution
  • C. Persistence
  • D. Discovery

Answer: B


NEW QUESTION # 34
Which two (2) steps should an administrator take to guard against re-occurring threats? (Select two)

  • A. Add endpoints to a high security group and assign a restrictive Antimalware policy to the group
  • B. Use Power Eraser to clean endpoint Windows registries
  • C. Verify that all endpoints receive scheduled Live-Update content
  • D. Quarantine affected endpoints
  • E. Confirm that daily active and weekly full scans take place on all endpoints

Answer: B,D


NEW QUESTION # 35
Which file property does SES utilize to search the VirusTotal website for suspicious file information?

  • A. File name
  • B. File reputation
  • C. File size
  • D. File hash

Answer: A


NEW QUESTION # 36
In which phase of the MITRE framework would attackers exploit faults in software to directly tamper with system memory?

  • A. Exfiltration
  • B. Defense Evasion
  • C. Execution
  • D. Discovery

Answer: B


NEW QUESTION # 37
Which framework, open and available to any administrator, is utilized to categorize adversarial tactics and for each phase of a cyber attack?

  • A. MITRE RESPONSE
  • B. MITRE ATT&CK
  • C. MITRE ADV&NCE
  • D. MITRE ATTACK MATRIX

Answer: C


NEW QUESTION # 38
Which SES advanced feature detects malware by consulting a training model composed of known good and known bad files?

  • A. Advanced Machine Learning
  • B. Artificial Intelligence
  • C. Reputation
  • D. Signatures

Answer: A


NEW QUESTION # 39
Which statement best describes Artificial Intelligence?

  • A. A program that is autonomous and needs training to perform a task
  • B. A program that can predict when a task should be performed
  • C. A program that automates tasks with a static set of instructions
  • D. A program that learns from experience and performs autonomous tasks

Answer: C


NEW QUESTION # 40
Which SES security control protects against threats that may occur in the Impact phase?

  • A. Antimalware
  • B. IPS
  • C. Firewall
  • D. Device Control

Answer: C


NEW QUESTION # 41
How long does a blacklist task remain in the My Tasks view after its automatic creation?

  • A. 90 Days
  • B. 30 Days
  • C. 180 Days
  • D. 60 Days

Answer: B


NEW QUESTION # 42
Which file should an administrator create, resulting Group Policy Object (GPO)?

  • A. Symantec__Agent_package_x64.msi
  • B. Symantec__Agent_package_x64.exe
  • C. Symantec__Agent_package_x64.zip
  • D. Symantec__Agent_package__32-bit.msi

Answer: D


NEW QUESTION # 43
Which Symantec component is required to enable two-factor authentication with VIP on the Integrated Cyber Defense Manager (ICDm)?

  • A. A physical token or a software token
  • B. A software token and an active directory account
  • C. A software token and a VIP server
  • D. A physical token or a secure USB key

Answer: C


NEW QUESTION # 44
Which alert rule category includes events that are generated about the cloud console?

  • A. Diagnostic
  • B. Security
  • C. System
  • D. Application Activity

Answer: B


NEW QUESTION # 45
Which rule types should be at the bottom of the list when an administrator adds device control rules?

  • A. Specific "device model" rules
  • B. General "brand defined" rules
  • C. General "catch all" rules
  • D. Specific "device type" rules

Answer: A


NEW QUESTION # 46
An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?

  • A. Adjust the Antimalware policy age and prevalence settings
  • B. Add the file SHA1 to a blacklist policy
  • C. Increase the Antimalware policy Intensity to Level 5
  • D. Add the filename and SHA-256 hash to a Blacklist policy

Answer: A


NEW QUESTION # 47
Which IPS Signature type is primarily used to identify specific unwanted traffic?

  • A. Probe
  • B. Audit
  • C. Malcode
  • D. Attack

Answer: D


NEW QUESTION # 48
Which dashboard should an administrator access to view the current health of the environment?

  • A. The SES Dashboard
  • B. The Device Integrity Dashboard
  • C. The Antimalware Dashboard
  • D. The Security Control Dashboard

Answer: D


NEW QUESTION # 49
What does SES's advanced search feature provide when an administrator searches for a specific term?

  • A. A search modifier dialog
  • B. A search summary dialog
  • C. A suggested terms dialog
  • D. A search wizard dialog

Answer: A


NEW QUESTION # 50
What are two (2) benefits of a fully cloud managed endpoint protection solution? (Select two)

  • A. Reduced network usage
  • B. Reduced 3rd party licensing cost
  • C. Increased visibility
  • D. Increased content update frequency
  • E. Reduced database usage

Answer: B,E


NEW QUESTION # 51
An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

  • A. Apply a list filter
  • B. Apply a list control
  • C. Apply a search rule
  • D. Apply a search modifier

Answer: C


NEW QUESTION # 52
After editing and saving a policy, an administrator is prompted with the option to apply the edited policy to any assigned device groups.
What happens to the new version of the policy if the administrator declines the option to apply it?

  • A. The new version of the policy is added to the "in progress" list
  • B. An unassigned version of the policy is created
  • C. The policy display is returned to edit mode
  • D. The new version of the policy is deleted

Answer: C


NEW QUESTION # 53
Which communication method is utilized within SES to achieve real-time management?

  • A. Push Notification
  • B. Long polling
  • C. Standard polling
  • D. Heartbeat

Answer: A


NEW QUESTION # 54
Which SEPM-generated element is required for an administrator to complete the enrollment of SEPM to the cloud console?

  • A. Token
  • B. Certificate key pair
  • C. SQL password
  • D. SEPM password

Answer: A


NEW QUESTION # 55
Which Firewall rule components should an administrator configure to block facebook.com use during business hours?

  • A. Host(s), Network Interface, and Network Service
  • B. Application, Host(s), and Network Service
  • C. Action, Host(s), and Schedule
  • D. Action, Application, and Schedule

Answer: C


NEW QUESTION # 56
Why would an administrator choose the Server-optimized installation option when creating an installation package?

  • A. To add the SES client's Optimize Memory setting to the default server installation.
  • B. To limit the Intrusion Prevention policy to use server-only signatures.
  • C. To reduce the SES client's use of resources that are required for other server-specific processes.
  • D. To add the Server-optimized Firewall policy

Answer: B


NEW QUESTION # 57
Which designation should an administrator assign to the computer configured to find unmanaged devices?

  • A. Discovery Agent
  • B. Discovery Manager
  • C. Discovery Broker
  • D. Discovery Device

Answer: A


NEW QUESTION # 58
......


Passing the Symantec 250-561 exam demonstrates that an IT professional has the knowledge and skills required to effectively manage and maintain endpoint security solutions using Symantec Endpoint Protection software. It is a valuable certification for IT professionals seeking to advance their careers in endpoint security administration.

 

250-561 Exam Dumps - Try Best 250-561 Exam Questions: https://www.actualvce.com/Symantec/250-561-valid-vce-dumps.html