[Mar 05, 2023] Achieve your Success with Latest Symantec 250-561 Exam [Q14-Q37]


The 250-561 Exam Test For Brief Preparation 

NEW QUESTION 14
What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)?

  • A. Quarterly
  • B. Weekly
  • C. Bi-monthly
  • D. Monthly

Answer: B

 

NEW QUESTION 15
Which antimalware intensity level is defined by the following: "Blocks files that are most certainly bad or potentially bad files. Results in a comparable number of false positives and false negatives."

  • A. Level 2
  • B. Level 5
  • C. Level 6
  • D. Level 1

Answer: C

 

NEW QUESTION 16
Which Endpoint > Setting should an administrator utilize to locate unmanaged endpoints on a network subnet?

  • A. Device Discovery
  • B. Discover and Deploy
  • C. Discover Endpoints
  • D. Endpoint Enrollment

Answer: C

 

NEW QUESTION 17
Which report template type should an administrator utilize to create a daily summary of network threats detected?

  • A. Intrusion Prevention Report
  • B. Access Violation Report
  • C. Blocked Threats Report
  • D. Network Risk Report

Answer: B

 

NEW QUESTION 18
Which Anti-malware technology should an administrator utilize to expose the malicious nature of a file created with a custom packet?

  • A. SONAR
  • B. Emulator
  • C. Sandbox
  • D. Reputation

Answer: C

 

NEW QUESTION 19
Which SES security control protects against threats that may occur in the Impact phase?

  • A. Firewall
  • B. Antimalware
  • C. Device Control
  • D. IPS

Answer: A

 

NEW QUESTION 20
What does SES's advanced search feature provide when an administrator searches for a specific term?

  • A. A suggested terms dialog
  • B. A search summary dialog
  • C. A search wizard dialog
  • D. A search modifier dialog

Answer: D

 

NEW QUESTION 21
Which file should an administrator create, resulting Group Policy Object (GPO)?

  • A. Symantec__Agent_package_x64.zip
  • B. Symantec__Agent_package_x64.exe
  • C. Symantec__Agent_package__32-bit.msi
  • D. Symantec__Agent_package_x64.msi

Answer: C

 

NEW QUESTION 22
After editing and saving a policy, an administrator is prompted with the option to apply the edited policy to any assigned device groups.
What happens to the new version of the policy if the administrator declines the option to apply it?

  • A. The new version of the policy is added to the "in progress" list
  • B. The policy display is returned to edit mode
  • C. An unassigned version of the policy is created
  • D. The new version of the policy is deleted

Answer: B

 

NEW QUESTION 23
Which dashboard should an administrator access to view the current health of the environment?

  • A. The SES Dashboard
  • B. The Security Control Dashboard
  • C. The Device Integrity Dashboard
  • D. The Antimalware Dashboard

Answer: B

 

NEW QUESTION 24
Which SES feature helps administrators apply policies based on specific endpoint profiles?

  • A. Device Profiles
  • B. Device Groups
  • C. Policy Groups
  • D. Policy Bundles

Answer: C

 

NEW QUESTION 25
Which term or expression is utilized when adversaries leverage existing tools in the environment?

  • A. script kiddies
  • B. opportunistic attack
  • C. file-less attack
  • D. living off the land

Answer: A

 

NEW QUESTION 26
Which type of organization is likely to be targeted with emerging threats?

  • A. Small organization with externalized managed security
  • B. Small organization with little qualified staff
  • C. Large organization with high turnover
  • D. Large organizations with dedicated security teams

Answer: B

 

NEW QUESTION 27
An administrator suspects that several computers have become part of a botnet. What should the administrator do to detect botnet activity on the network?

  • A. Enable the Command and Control Server Firewall
  • B. Add botnet related signatures to the IPS policy's Audit Signatures list
  • C. Set the Antimalware policy's Monitoring Level to 4
  • D. Enable the IPS policy's Show notification on the device setting

Answer: A

 

NEW QUESTION 28
Which rule types should be at the bottom of the list when an administrator adds device control rules?

  • A. Specific "device model" rules
  • B. Specific "device type" rules
  • C. General "catch all" rules
  • D. General "brand defined" rules

Answer: A

 

NEW QUESTION 29
An administrator must create a custom role in ICDm.
Which area of the management console is able to have access restricted or granted?

  • A. Agent deployment
  • B. Custom Dashboard Creation
  • C. Hybrid device management
  • D. Policy Management

Answer: A

 

NEW QUESTION 30
An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?

  • A. Adjust the Antimalware policy age and prevalence settings
  • B. Increase the Antimalware policy Intensity to Level 5
  • C. Add the filename and SHA-256 hash to a Blacklist policy
  • D. Add the file SHA1 to a blacklist policy

Answer: A

 

NEW QUESTION 31
What does an end-user receive when an administrator utilizes the Invite User feature to distribute the SES client?

  • A. An email with a link to a KB article explaining how to install the SES Agent
  • B. An email with a link to register on the ICDm user portal
  • C. An email with a link to directly download the SES client
  • D. An email with the SES_setup.zip file attached

Answer: B

 

NEW QUESTION 32
An endpoint fails to retrieve content updates.
Which URL should an administrator test in a browser to determine if the issue is network related?

  • A. https://liveupdate.symantec,com/livetri.zi
  • B. http://update.symantec.com/livetri.zip
  • C. https://spocsymantec.com/livetri.zip
  • D. https://update.symantec.com/livetri.zip

Answer: C

 

NEW QUESTION 33
Which type of security threat is used by attackers to exploit vulnerable applications?

  • A. Credential Access
  • B. Command and Control
  • C. Lateral Movement
  • D. Privilege Escalation

Answer: D

 

NEW QUESTION 34
Which Firewall Stealth setting prevents OS fingerprinting by sending erroneous OS information back to the attacker?

  • A. Disable OS fingerprint detection
  • B. Enable OS fingerprint protection
  • C. Disable OS fingerprint profiling
  • D. Enable OS fingerprint masquerading

Answer: D

 

NEW QUESTION 35
Which file property does SES utilize to search the VirusTotal website for suspicious file information?

  • A. File size
  • B. File name
  • C. File reputation
  • D. File hash

Answer: B

 

NEW QUESTION 36
Why would an administrator choose the Server-optimized installation option when creating an installation package?

  • A. To reduce the SES client's use of resources that are required for other server-specific processes.
  • B. To limit the Intrusion Prevention policy to use server-only signatures.
  • C. To add the Server-optimized Firewall policy
  • D. To add the SES client's Optimize Memory setting to the default server installation.

Answer: B

 

NEW QUESTION 37
......


Symantec 250-561 Exam Syllabus Topics:

Topic | Details
Topic 1
  • Describe the various methods for enrolling SES endpoint agents
  • Introduction to Symantec Endpoint Security Complete
Topic 2
  • Describe the SES Complete policy and device groups and how they are used
  • Describe how to use ICDm to configure administrative reports
Topic 3
  • Describe the configuration and use of the Endpoint Activity Recorder
  • Describe the ways in which ICDm can be used to remediate threats
Topic 4
  • Describe SES Complete content update types and how they are distributed to endpoints
  • Describe the requirements to enable Endpoint
Topic 5
  • Understand how Sites and Replication are impacted in a Hybrid environment
  • Understand the Threat landscape and the MITRE ATT&CK Framework
Topic 6
  • Describe how Threat Defense for Active Directory protects against misconfigurations and vulnerabilities in an environment
  • Describe how SES Complete works to block data exfiltration
Topic 7
  • Describe how Threat Defense for Active Directory is used to identify threats
  • Describe how SES Complete can be used in preventing an attacker from accessing the environment
Topic 8
  • Describe how SES Complete's mobile technologies protect against malicious networks
  • Understand how policies are used to protect endpoint devices
Topic 9
  • Describe how EDR assists in identifying suspicious and malicious activity
  • Describe how EDR can be used to block and quarantine suspicious files
Topic 10
  • Describe the incident lifecycle and steps required to identify a threat
  • Describe the benefits of SES Complete Cloud-based management
Topic 11
  • Describe how SES Complete blocks Command & Control communication
  • Describe how SES Complete prevents threat execution
Topic 12
  • Describe the requirements for Threat Defense for Active Directory Installation and Configuration
  • Describe how SES Complete's mobile technologies protect against malicious apps
Topic 13
  • Describe the process for policy migration from SEPM to the ICDm console
  • Understand how ICDm is used to identify threats in the environment
Topic 14
  • Describe how the SES Complete Heatmap can be used to prevent unwanted application behaviors
  • Describe the requirements to enable Network Integrity in the ICDm management console

 
