Get Special Discount Offer of 250-561 Certification Exam Sample Questions and Answers [Q28-Q51]


The Symantec 250-561 (Endpoint Security Complete - Administration R1) certification exam is designed to certify the knowledge and skills of IT professionals in administering endpoint security solutions. It covers a variety of topics related to endpoint security, including threat prevention, incident response, and advanced threat protection.

 

NEW QUESTION # 28
Which two (2) scan range options are available to an administrator for locating unmanaged endpoints? (Select two)

  • A. IP range within subnet
  • B. Subnet Range
  • C. Entire Subnet
  • D. Entire Network
  • E. IP range within network

Answer: B,E


NEW QUESTION # 29
Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

  • A. The System Policy
  • B. The Firewall Policy
  • C. The System Schedule Policy
  • D. The LiveUpdate Policy

Answer: D


NEW QUESTION # 30
What is the primary issue pertaining to managing roaming users while utilizing an on-premise solution?

  • A. The endpoint fails to receive content update
  • B. The endpoint is absent of the management console
  • C. The endpoint is missing timely policy update
  • D. The endpoint is more exposed to threats

Answer: A


NEW QUESTION # 31
Which communication method is utilized within SES to achieve real-time management?

  • A. Long polling
  • B. Standard polling
  • C. Heartbeat
  • D. Push Notification

Answer: D


NEW QUESTION # 32
Files are blocked by hash in the blacklist policy.
Which algorithm is supported, in addition to MD5?

  • A. SHA256 "salted"
  • B. SHA256
  • C. SHA2
  • D. MD5 "Salted"

Answer: B


NEW QUESTION # 33
An endpoint fails to retrieve content updates.
Which URL should an administrator test in a browser to determine if the issue is network related?

  • A. https://spocsymantec.com/livetri.zip
  • B. https://update.symantec.com/livetri.zip
  • C. https://liveupdate.symantec,com/livetri.zi
  • D. http://update.symantec.com/livetri.zip

Answer: A


NEW QUESTION # 34
Which two (2) skill areas are critical to the success of Incident Response Teams? (Select two)

  • A. Threat Analysis
  • B. Project Management
  • C. Incident Response
  • D. Incident Management
  • E. Cyber Intelligence

Answer: C,E


NEW QUESTION # 35
Which antimalware intensity level is defined by the following: "Blocks files that are most certainly bad or potentially bad files. Results in a comparable number of false positives and false negatives."

  • A. Level 6
  • B. Level 1
  • C. Level 2
  • D. Level 5

Answer: A


NEW QUESTION # 36
An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

  • A. Apply a list filter
  • B. Apply a search modifier
  • C. Apply a search rule
  • D. Apply a list control

Answer: C


NEW QUESTION # 37
A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.
Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the behavior and kills Acrobat?

  • A. Sapient
  • B. IPS
  • C. SONAR
  • D. Emulator

Answer: A


NEW QUESTION # 38
Which alert rule category includes events that are generated about the cloud console?

  • A. Security
  • B. System
  • C. Diagnostic
  • D. Application Activity

Answer: A


NEW QUESTION # 39
Which Security Control dashboard widget should an administrator utilize to access detailed areas for a given security control?

  • A. More Info
  • B. Quick Links
  • C. Learn More
  • D. Latest Tasks

Answer: D


NEW QUESTION # 40
Why would an administrator choose the Server-optimized installation option when creating an installation package?

  • A. To reduce the SES client's use of resources that are required for other server-specific processes.
  • B. To add the SES client's Optimize Memory setting to the default server installation.
  • C. To add the Server-optimized Firewall policy
  • D. To limit the Intrusion Prevention policy to use server-only signatures.

Answer: D


NEW QUESTION # 41
Which term or expression is utilized when adversaries leverage existing tools in the environment?

  • A. opportunistic attack
  • B. living off the land
  • C. script kiddies
  • D. file-less attack

Answer: C


NEW QUESTION # 42
Which Symantec component is required to enable two-factor authentication with VIP on the Integrated Cyber Defense Manager (ICDm)?

  • A. A physical token or a software token
  • B. A physical token or a secure USB key
  • C. A software token and an active directory account
  • D. A software token and a VIP server

Answer: D


NEW QUESTION # 43
Which two (2) Discovery and Deploy features could an administrator use to enroll MAC endpoints? (Select two)

  • A. A custom Installation package creator pact
  • B. A default Direct Installation package
  • C. Push Enroll
  • D. A custom Direct installation package
  • E. Invite User

Answer: A,D


NEW QUESTION # 44
An endpoint is offline, and the administrator issues a scan command. What happens to the endpoint when it restarts, if it lacks connectivity?

  • A. The system scans after the content update is downloaded.
  • B. The system starts without scanning.
  • C. The system is scanning when started.
  • D. The system downloads the content without scanning.

Answer: D


NEW QUESTION # 45
What characterizes an emerging threat in comparison to a traditional threat?

  • A. Emerging threats are undetectable by signature based engines.
  • B. Emerging threats are more sophisticated than traditional threats.
  • C. Emerging threats require artificial intelligence to be detected.
  • D. Emerging threats use new techniques and 0-day vulnerabilities to propagate.

Answer: D


NEW QUESTION # 46
Which URL is responsible for notifying the SES agent that a policy change occurred in the cloud console?

  • A. ocsp.digicert.com
  • B. spoc.norton.com
  • C. stnd-ipsg.crsi-symantec.com
  • D. ent-shasta.rrs-symantec.com

Answer: A


NEW QUESTION # 47
Which report template type should an administrator utilize to create a daily summary of network threats detected?

  • A. Access Violation Report
  • B. Intrusion Prevention Report
  • C. Network Risk Report
  • D. Blocked Threats Report

Answer: A


NEW QUESTION # 48
What are the Exploit Mitigation security control's mitigation techniques designed to prevent?

  • A. Misbehaving applications
  • B. Rootkit downloads
  • C. File-less attacks
  • D. Packed file execution

Answer: B


NEW QUESTION # 49
Which IPS Signature type is primarily used to identify specific unwanted traffic?

  • A. Probe
  • B. Audit
  • C. Malcode
  • D. Attack

Answer: D


NEW QUESTION # 50
What happens when an administrator blacklists a file?

  • A. The file is automatically quarantined
  • B. The file is assigned to the default Blacklist policy
  • C. The file is assigned to the Blacklist task list
  • D. The file is assigned to a chosen Blacklist policy

Answer: C


NEW QUESTION # 51
......
