Download Symantec.250-441.ExamLabs.2019-10-04.91q.vcex


File Info

Exam: Administration of Symantec Advanced Threat Protection 3.0
Number: 250-441
File Name: Symantec.250-441.ExamLabs.2019-10-04.91q.vcex
Size: 170 KB
Posted: Oct 04, 2019

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Demo Questions

Question 1

What is the second stage of an Advanced Persistent Threat (APT) attack?


  A. Exfiltration
  B. Incursion
  C. Discovery
  D. Capture
Correct answer: B



Question 2

Which SEP technology does an Incident Responder need to enable in order to enforce blacklisting on an endpoint?


  A. System Lockdown
  B. Intrusion Prevention System
  C. Firewall
  D. SONAR
Correct answer: A



Question 3

An Incident Responder wants to create a timeline for a recent incident using Syslog in addition to ATP for the After Actions Report. 
What are two reasons the responder should analyze the information using Syslog? (Choose two.)


  A. To have less raw data to analyze
  B. To evaluate the data, including information from other systems
  C. To access expanded historical data
  D. To determine what policy settings to modify in the Symantec Endpoint Protection Manager (SEPM)
  E. To determine the best cleanup method
Correct answer: BE



Question 4

Which SEP technologies are used by ATP to enforce the blacklisting of files?


  A. Application and Device Control
  B. SONAR and Bloodhound
  C. System Lockdown and Download Insight
  D. Intrusion Prevention and Browser Intrusion Prevention
Correct answer: C
Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO101774.html



Question 5

What is the role of Insight within the Advanced Threat Protection (ATP) solution?


  A. Reputation-based security
  B. Detonation/sandbox
  C. Network detection component
  D. Event correlation
Correct answer: A
Explanation:
Reference: https://www.symantec.com/content/dam/symantec/docs/brochures/atp-brochure-en.pdf



Question 6

What are two policy requirements for using the Isolate and Rejoin features in ATP? (Choose two.)


  A. Add a Quarantine firewall policy for non-compliant and non-remediated computers.
  B. Add a Quarantine LiveUpdate policy for non-compliant and non-remediated computers.
  C. Add and assign an Application and Device Control policy in the Symantec Endpoint Protection Manager (SEPM).
  D. Add and assign a Host Integrity policy in the Symantec Endpoint Protection Manager (SEPM).
  E. Add a Quarantine Antivirus and Antispyware policy for non-compliant and non-remediated computers.
Correct answer: AD
Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO128427.html



Question 7

Which section of the ATP console should an ATP Administrator use to evaluate prioritized threats within the environment?


  A. Search
  B. Action Manager
  C. Incident Manager
  D. Events
Correct answer: B



Question 8

During which stage of an Advanced Persistent Threat (APT) attack does social engineering occur?


  A. Capture
  B. Incursion
  C. Discovery
  D. Exfiltration
Correct answer: B



Question 9

Why is it important for an Incident Responder to analyze an incident during the Recovery phase?


  A. To determine the best plan of action for cleaning up the infection
  B. To isolate infected computers on the network and remediate the threat
  C. To gather threat artifacts and review the malicious code in a sandbox environment
  D. To access the current security plan, adjust where needed, and provide reference materials in the event of a similar incident
Correct answer: D



Question 10

Which two database attributes are needed to create a Microsoft SQL SEP database connection? (Choose two.)


  A. Database version
  B. Database IP address
  C. Database domain name
  D. Database hostname
  E. Database name
Correct answer: BD








