• Home
  • Blogs
  • Latest [Nov 16, 2024] Symantec 250-561 Exam Practice Test To Gain Brilliante Result [Q38-Q60]

Latest [Nov 16, 2024] Symantec 250-561 Exam Practice Test To Gain Brilliante Result [Q38-Q60]

Share

Latest [Nov 16, 2024] Symantec 250-561 Exam Practice Test To Gain Brilliante Result

Take a Leap Forward in Your Career by Earning Symantec 250-561


Symantec 250-561 (Endpoint Security Complete - Administration R1) Certification Exam is an industry-leading credential that demonstrates a candidate's mastery of endpoint security administration. Endpoint Security Complete - Administration R1 certification is designed for IT professionals who are responsible for managing endpoint security systems in enterprise environments. 250-561 exam covers a range of topics, including endpoint protection, threat prevention, incident response, and compliance.

 

NEW QUESTION # 38
Which SES advanced feature detects malware by consulting a training model composed of known good and known bad fries?

  • A. Reputation
  • B. Advanced Machine Learning
  • C. Signatures
  • D. Artificial Intelligence

Answer: B


NEW QUESTION # 39
Which designation should an administrator assign to the computer configured to find unmanaged devices?

  • A. Discovery Manager
  • B. Discovery Agent
  • C. Discovery Device
  • D. Discovery Broker

Answer: B


NEW QUESTION # 40
Which report template type should an administrator utilize to create a daily summary of network threats detected?

  • A. Blocked Threats Report
  • B. Access Violation Report
  • C. Network Risk Report
  • D. Intrusion Prevention Report

Answer: B


NEW QUESTION # 41
Which SES security control protects against threats that may occur in the Impact phase?

  • A. IPS
  • B. Antimalware
  • C. Firewall
  • D. Device Control

Answer: C


NEW QUESTION # 42
Which URL is responsible for notifying the SES agent that a policy change occurred in the cloud console?

  • A. ent-shasta.rrs-symantec.com
  • B. ocsp.digicert.com
  • C. spoc.norton.com
  • D. stnd-ipsg.crsi-symantec.com

Answer: B


NEW QUESTION # 43
Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

  • A. The Firewall Policy
  • B. The System Schedule Policy
  • C. The System Policy
  • D. The LiveUpdate Policy

Answer: D


NEW QUESTION # 44
What is the primary issue pertaining to managing roaming users while utilizing an on-premise solution?

  • A. The endpoint is more exposed to threats
  • B. The endpoint fails to receive content update
  • C. The endpoint is absent of the management console
  • D. The endpoint is missing timely policy update

Answer: B


NEW QUESTION # 45
Which term or expression is utilized when adversaries leverage existing tools in the environment?

  • A. opportunistic attack
  • B. living off the land
  • C. file-less attack
  • D. script kiddies

Answer: D


NEW QUESTION # 46
Which Antimalware technology is used after all local resources have been exhausted?

  • A. Reputation
  • B. Emulator
  • C. ITCS
  • D. Sapient

Answer: C


NEW QUESTION # 47
Which option should an administrator utilize to temporarily or permanently block a file?

  • A. Encrypt
  • B. Delete
  • C. Blacklist
  • D. Hide

Answer: C


NEW QUESTION # 48
An administrator needs to create a new Report Template that will be used to track firewall activity. Which two (2) report template settings are optional? (Select 2)

  • A. Time frame
  • B. Output format
  • C. Generation schedule
  • D. Size restrictions
  • E. Email recipients

Answer: B,E


NEW QUESTION # 49
An administrator is evaluating an organization's computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?

  • A. A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor
  • B. A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
  • C. A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor
  • D. A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor

Answer: A


NEW QUESTION # 50
Which antimalware intensity level is defined by the following: "Blocks files that are most certainly bad or potentially bad files. Results in a comparable number of false positives and false negatives."

  • A. Level 2
  • B. Level 6
  • C. Level 5
  • D. Level 1

Answer: B


NEW QUESTION # 51
Why would an administrator choose the Server-optimized installation option when creating an installation package?

  • A. To add the Server-optimized Firewall policy
  • B. To add the SES client's Optimize Memory setting to the default server installation.
  • C. To limit the Intrusion Prevention policy to use server-only signatures.
  • D. To reduce the SES client's using resources that are required for other server-specific processes.

Answer: C


NEW QUESTION # 52
Which file property does SES utilize to search the VirusTotal website for suspicious file information?

  • A. File hash
  • B. File size
  • C. File name
  • D. File reputation

Answer: C


NEW QUESTION # 53
Which type of security threat is used by attackers to exploit vulnerable applications?

  • A. Command and Control
  • B. Privilege Escalation
  • C. Credential Access
  • D. Lateral Movement

Answer: B


NEW QUESTION # 54
After editing and saving a policy, an administrator is prompted with the option to apply the edited policy to any assigned device groups.
What happens to the new version of the policy if the administrator declines the option to apply it?

  • A. The policy display is returned to edit mode
  • B. An unassigned version of the policy is created
  • C. The new version of the policy is added to the "in progress" list
  • D. The new version of the policy is deleted

Answer: A


NEW QUESTION # 55
An endpoint is offline, and the administrator issues a scan command. What happens to the endpoint when it restarts, if it lacks connectivity?

  • A. The system starts without scanning.
  • B. The system is scanning when started.
  • C. The system scans after the content update is downloaded.
  • D. The system downloads the content without scanning.

Answer: D


NEW QUESTION # 56
Which two (2) options is an administrator able to use to prevent a file from being fasely detected (Select two)

  • A. Add the file to a Whitelist policy
  • B. Reduce the Intensive Protection setting of the Antimalware policy
  • C. Rename the file
  • D. Assign the file a SHA-256 cryptographic hash
  • E. Register the file with Symantec's False Positive database

Answer: A,E


NEW QUESTION # 57
What option must an administrator choose when rolling back a policy assignment to a previous version?

  • A. Customize
  • B. Reverse
  • C. Go Back
  • D. Override

Answer: D


NEW QUESTION # 58
Which Symantec component is required to enable two factor authentication with VIP on the Integrated Cyber Defense manager (ICDm)?

  • A. A physical token or a secure USB key
  • B. A software token and a VIP server
  • C. A physical token or a software token
  • D. A software token and an active directory account

Answer: B


NEW QUESTION # 59
What happens when an administrator blacklists a file?

  • A. The file is automatically quarantined
  • B. The file is assigned to the default Blacklist policy
  • C. The file is assigned to a chosen Blacklist policy
  • D. The file is assigned to the Blacklist task list

Answer: D


NEW QUESTION # 60
......

Authentic Best resources for 250-561 Online Practice Exam: https://actualtests.prep4away.com/Symantec-certification/braindumps.250-561.ete.file.html

Related Blogs

more
Symantec 250-561 Certification Practice Exam