What are two policy requirements for using the Isolate and Rejoin features in ATP? (Choose two.)
A. Add a Quarantine firewall policy for non-compliant and non-remediated computers.
B. Add a Quarantine LiveUpdate policy for non-compliant and non-remediated computers.
C. Add and assign an Application and Device Control policy in the Symantec Endpoint Protection Manager (SEPM).
D. Add and assign a Host Integrity policy in the Symantec Endpoint Protection Manager (SEPM).
E. Add a Quarantine Antivirus and Antispyware policy for non-compliant and non-remediated computers.
Which best practice does Symantec recommend with the Endpoint Detection and Response feature?
A. Create a unique Cynic account to provide to ATP
B. Create a unique Symantec Messaging Gateway account to provide to ATP
C. Create a unique Symantec Endpoint Protection Manager (SEPM) administrator account to provide to ATP
D. Create a unique Email Security.cloud portal account to provide to ATP
Where can an Incident Responder view Cynic results in ATP?
A. Events
B. Dashboard
C. File Details
D. Incident Details
An Incident Responder notices traffic going from an endpoint to an IRC channel. The endpoint is listed in an incident. ATP is configured in TAP mode.
What should the Incident Responder do to stop the traffic to the IRC channel?
A. Isolate the endpoint with a Quarantine Firewall policy
B. Blacklist the IRC channel IP
C. Blacklist the endpoint IP
D. Isolate the endpoint with an application control policy
Which two widgets can an Incident Responder use to isolate breached endpoints from the Incident details page? (Choose two.)
A. Affected Endpoints
B. Dashboard
C. Incident Graph
D. Events View
E. Actions Bar
In which stage of an Advanced Persistent Threat (APT) attack do attackers map an organization's defenses from the inside?
A. Discovery
B. Capture
C. Exfiltration
D. Incursion
Which default port does ATP use to communicate with the Symantec Endpoint Protection Manager (SEPM) web services?
A. 8446
B. 8081
C. 8014
D. 1433
What are the prerequisite products needed when deploying ATP: Endpoint, Network, and Email?
A. SEP and Symantec Messaging Gateway
B. SEP, Symantec Email Security.cloud, and Security Information and Event Management (SIEM)
C. SEP and Symantec Email Security.cloud
D. SEP, Symantec Messaging Gateway, and Symantec Email Security.cloud
Which threat is an example of an Advanced Persistent Threat (APT)?
A. ILOVEYOU
B. Conficker
C. MyDoom
D. GhostNet
Which level of privilege corresponds to each ATP account type? Match the correct account type to the corresponding privileges.
Select and Place: