250-550 시험 - Symantec실제시험문제와 답 - 70문항

Question No : 1

An endpoint is offline, and the administrator issues a scan command .
What happens to the endpoint when it restarts, if it lacks connectivity?

A.The system is scanning when started.
B.The system downloads the content without scanning.
C.The system starts without scanning.
D.The system scans after the content update is downloaded.

정답:

Question No : 2

An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity .
What should an administrator do to display only high risk files?

A.Apply a list control
B.Apply a search rule
C.Apply a list filter
D.Apply a search modifier

정답:

Question No : 3

What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)

A.Monthly
B.Weekly
C.Quarterly
D.Bi-monthly

정답:

Question No : 4

Which device page should an administrator view to track the progress of an issued device command?

A.Command Status
B.Command History
C.Recent Activity
D.Activity Update

정답:

Question No : 5

Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

A.The Firewall Policy
B.The System Schedule Policy
C.The System Policy
D.The LiveUpdate Policy

정답:

Question No : 6

Which two (2) scan range options are available to an administrator for locating unmanaged endpoints? (Select two)

A.IP range within network
B.IP range within subnet
C.Entire Network
D.Entire Subnet
E.Subnet Range

정답:

Question No : 7

An administrator needs to create a new Report Template that will be used to track firewall activity .
Which two (2) report template settings are optional? (Select 2)

A.Output format
B.Generation schedule
C.Email recipients
D.Time frame
E.Size restrictions

정답:

Question No : 8

Which Endpoint > Setting should an administrator utilize to locate unmanaged endpoints on a network subnet?

A.Discover Endpoints
B.Endpoint Enrollment
C.Discover and Deploy
D.Device Discovery

정답:

Question No : 9

Which SES security control protects against threats that may occur in the Impact phase?

A.Device Control
B.IPS
C.Antimalware
D.Firewall

정답:

Question No : 10

Which framework, open and available to any administrator, is utilized to categorize adversarial tactics and for each phase of a cyber attack?

A.MITRE RESPONSE
B.MITRE ATT&CK
C.MITRE ADV&NCE
D.MITRE ATTACK MATRIX

정답:

Question No : 11

Which security threat uses malicious code to destroy evidence, break systems, or encrypt data?

A.Execution
B.Persistence
C.Impact
D.Discovery

정답:

Question No : 12

Which two (2) skill areas are critical to the success of incident Response Teams (Select two)

A.Project Management
B.Incident Management
C.Cyber Intelligence
D.Incident Response
E.Threat Analysis

정답:

Question No : 13

What are the Exploit Mitigation security control's mitigation techniques designed to prevent?

A.Packed file execution
B.Misbehaving applications
C.File-less attacks
D.Rootkit downloads

정답:

Question No : 14

What must an administrator check prior to enrolling an on-prem SEPM infrastructure into the cloud?

A.Clients are running SEP 14.2 or later
B.Clients are running SEP 14.1.0 or later
C.Clients are running SEP 12-6 or later
D.Clients are running SEP 14.0.1 or late

정답:

Question No : 15

Which default role has the most limited permission in the Integrated Cyber Defense Manager?

A.Restricted Administrator
B.Limited Administrator
C.Server Administrator
D.Endpoint Console Domain Administrator

정답:

Symantec 250-550 시험