
Verified 250-561 Dumps Q&As - 250-561 Test Engine with Correct Answers
Pass Your 250-561 Dumps as PDF Updated on 2023 With 72 Questions
NEW QUESTION 43
Which term or expression is utilized when adversaries leverage existing tools in the environment?
- A. script kiddies
- B. file-less attack
- C. opportunistic attack
- D. living off the land
Answer: A
NEW QUESTION 44
Which file property does SES utilize to search the VirusTotal website for suspicious file information?
- A. File hash
- B. File reputation
- C. File name
- D. File size
Answer: C
NEW QUESTION 45
Which framework, open and available to any administrator, is utilized to categorize adversarial tactics for each phase of a cyber attack?
- A. MITRE RESPONSE
- B. MITRE ATTACK MATRIX
- C. MITRE ADV&NCE
- D. MITRE ATT&CK
Answer: C
NEW QUESTION 46
Which alert rule category includes events that are generated about the cloud console?
- A. System
- B. Application Activity
- C. Diagnostic
- D. Security
Answer: D
NEW QUESTION 47
Which dashboard should an administrator access to view the current health of the environment?
- A. The Device Integrity Dashboard
- B. The Security Control Dashboard
- C. The SES Dashboard
- D. The Antimalware Dashboard
Answer: B
NEW QUESTION 48
Which Endpoint > Setting should an administrator utilize to locate unmanaged endpoints on a network subnet?
- A. Endpoint Enrollment
- B. Device Discovery
- C. Discover Endpoints
- D. Discover and Deploy
Answer: C
NEW QUESTION 49
The ICDm has generated a blacklist task due to malicious traffic detection. Which SES component was utilized to make that detection?
- A. IPS
- B. Reputation
- C. Antimalware
- D. Firewall
Answer: C
NEW QUESTION 50
Which technique randomizes the memory address map with Memory Exploit Mitigation?
- A. ASLR
- B. SEHOP
- C. ForceDEP
- D. ROPHEAP
Answer: A
NEW QUESTION 51
Which IPS Signature type is primarily used to identify specific unwanted traffic?
- A. Attack
- B. Audit
- C. Probe
- D. Malcode
Answer: A
NEW QUESTION 52
What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)?
- A. Quarterly
- B. Monthly
- C. Bi-monthly
- D. Weekly
Answer: D
NEW QUESTION 53
Which Security Control dashboard widget should an administrator utilize to access detailed areas for a given security control?
- A. Quick Links
- B. More Info
- C. Latest Tasks
- D. Learn More
Answer: C
NEW QUESTION 54
Which Anti-malware technology should an administrator utilize to expose the malicious nature of a file created with a custom packer?
- A. Sandbox
- B. Reputation
- C. SONAR
- D. Emulator
Answer: A
NEW QUESTION 55
After editing and saving a policy, an administrator is prompted with the option to apply the edited policy to any assigned device groups.
What happens to the new version of the policy if the administrator declines the option to apply it?
- A. The new version of the policy is added to the "in progress" list
- B. An unassigned version of the policy is created
- C. The new version of the policy is deleted
- D. The policy display is returned to edit mode
Answer: D
NEW QUESTION 56
An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?
- A. Add the file SHA1 to a blacklist policy
- B. Add the filename and SHA-256 hash to a Blacklist policy
- C. Adjust the Antimalware policy age and prevalence settings
- D. Increase the Antimalware policy Intensity to Level 5
Answer: C
NEW QUESTION 57
An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?
- A. Apply a list filter
- B. Apply a search modifier
- C. Apply a search rule
- D. Apply a list control
Answer: C
NEW QUESTION 58
......