Latest 250-561 Practice Tests with Actual Questions

Get Complete pool of questions with Premium PDF and Test Engine

Exam Code : 250-561
Exam Name : Endpoint Security Complete - Administration R1
Vendor Name : "Symantec"






250-561 Dumps

250-561 Braindumps

250-561 Real Questions

250-561 Practice Test

250-561 Actual Questions


killexams.com


Symantec


250-561


Endpoint Security Complete - Administration R1


https://killexams.com/pass4sure/exam-detail/250-561


Question: 6


What is the primary issue pertaining to managing roaming users while utilizing an on-premise solution?


  1. The endpoint is missing timely policy update

  2. The endpoint is absent of the management console

  3. The endpoint fails to receive content update

  4. The endpoint is more exposed to threats




Answer: C
Question: 7

Which SES security control protects against threats that may occur in the Impact phase?


  1. Device Control

  2. IPS

  3. Antimalware

  4. Firewall




Answer: D
Question: 8

An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.


What should the administrator do?


  1. Add the file SHA1 to a blacklist policy

  2. Increase the Antimalware policy Intensity to Level 5

  3. Add the filename and SHA-256 hash to a Blacklist policy

  4. Adjust the Antimalware policy age and prevalence settings




Answer: D
Question: 9

Which SEPM-generated element is required for an administrator to complete the enrollment of SEPM to the cloud console?


  1. Token

  2. SEPM password

  3. Certificate key pair

  4. SQL password




Answer: A
Question: 10

An administrator must create a custom role in ICDm.


Which area of the management console is able to have access restricted or granted?


  1. Policy Management

  2. Hybrid device management

  3. Agent deployment

  4. Custom Dashboard Creation




Answer: C
Question: 11

Which Endpoint > Setting should an administrator utilize to locate unmanaged endpoints on a network subnet?


  1. Discover Endpoints

  2. Endpoint Enrollment

  3. Discover and Deploy

  4. Device Discovery




Answer: A
Question: 12

What should an administrator know regarding the differences between a Domain and a Tenant in ICDm?


  1. A tenant can contain multiple domains

  2. A domain can contain multiple tenants

  3. Each customer can have one domain and many tenant

  4. Each customer can have one tenant and many domains




Answer: A
Question: 13

Which Anti-malware technology should an administrator utilize to expose the malicious nature of a file created with a custom packet?


  1. Sandbox

  2. SONAR

  3. Reputation

  4. Emulator




Answer: A
Question: 14

An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

  1. Apply a list control

  2. Apply a search rule

  3. Apply a list filter

  4. Apply a search modifier




Answer: B
Question: 15

What characterizes an emerging threat in comparison to traditional threat?


  1. Emerging threats use new techniques and 0-day vulnerability to propagate.

  2. Emerging threats requires artificial intelligence to be detected.

  3. Emerging threats are undetectable by signature based engines.

  4. Emerging threats are more sophisticated than traditional threats.




Answer: A
Question: 16

Which technique randomizes the e memory address map with Memory Exploit Mitigation?


  1. SEHOP

  2. ROPHEAP

  3. ASLR

  4. ForceDEP




Answer: C
Question: 17

In the ICDm, administrators are assisted by the My Task view. Which automation type creates the tasks within the console?

  1. Artificial Intelligence

  2. Machine Learning

  3. Advanced Machine Learning

  4. Administrator defined rules




Answer: A
Question: 18

What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)


  1. Monthly

  2. Weekly

  3. Quarterly

  4. Bi-monthly




Answer: B


Question: 19


A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.


Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the behavior and kills Acrobat?


  1. SONAR

  2. Sapient

  3. IPS

  4. Emulator




Answer: B
Question: 20

Which alert rule category includes events that are generated about the cloud console?


  1. Security

  2. Diagnostic

  3. System

  4. Application Activity




Answer: A
Question: 21

Which Firewall Stealth setting prevents OS fingerprinting by sending erroneous OS information back to the attacker?


  1. Disable OS fingerprint profiling

  2. Disable OS fingerprint detection

  3. Enable OS fingerprint masqueradi

  4. Enable OS fingerprint protection




Answer: C
Question: 22

An administrator is evaluating an organization's computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?

  1. A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor

  2. A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor

  3. A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor

  4. A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor



Answer: C
Question: 23

Which two (2) steps should an administrator take to guard against re-occurring threats? (Select two)


  1. Confirm that daily active and weekly full scans take place on all endpoints

  2. Verify that all endpoints receive scheduled Live-Update content

  3. Use Power Eraser to clean endpoint Windows registries

  4. Add endpoints to a high security group and assign a restrictive Antimalware policy to the group

  5. Quarantine affected endpoints




Answer: A,C,E
Question: 24

After editing and saving a policy, an administrator is prompted with the option to apply the edited policy to any assigned device groups.


What happens to the new version of the policy if the administrator declines the option to apply it?


  1. The policy display is returned to edit mode

  2. The new version of the policy is deleted

  3. An unassigned version of the policy is created

  4. The new version of the policy is added to the "in progress" list




Answer: A
Question: 25

What does SES's advanced search feature provide when an administrator searches for a specific term?


  1. A search modifier dialog

  2. A search wizard dialog

  3. A suggested terms dialog

  4. A search summary dialog




Answer: A
Question: 26

Which device page should an administrator view to track the progress of an issued device command?


  1. Command Status

  2. Command History

  3. Recent Activity

  4. Activity Update




Answer: C
Question: 27

What must an administrator check prior to enrolling an on-prem SEPM infrastructure into the cloud?


  1. Clients are running SEP 14.2 or later

  2. Clients are running SEP 14.1.0 or later

  3. Clients are running SEP 12-6 or later

  4. Clients are running SEP 14.0.1 or late




Answer: D
Question: 28

Which type of organization is likely to be targeted with emerging threats?


  1. Small organization with externalized managed security

  2. Large organizations with dedicated security teams

  3. Large organization with high turnover

  4. Small organization with little qualified staff




Answer: D