最新Endpoint Security 250-580考試題庫，Symantec 250-580課程的擬真試題下載

問題1
What are the two (2) locations where an Incident Responder should gather data for an After Actions Report in SEDR? (Select two)

A. Incident Manager

B. Policies

C. Action Manager

D. Syslog

E. Endpoint Search

正確答案: A,D

說明：（僅 NewDumps 成員可見）

問題2
Which type of activity recorder does EDR provide?

A. Endpoint

B. Email

C. Virtual

D. Temporary

正確答案: A

說明：（僅 NewDumps 成員可見）

問題3
Which type of event does operation:1indicate in a SEDR database search?

A. File Closed.

B. File Deleted.

C. File Created.

D. File Open.

正確答案: D

說明：（僅 NewDumps 成員可見）

問題4
An organization identifies a threat in its environment and needs to limit the spread of the threat. How should the SEP Administrator block the threat using Application and Device Control?

A. Gather the MD5 hash of the file and create an Application Content Rule that blocks the file based on specific arguments.

B. Gather the MD5 hash of the file and create an Application Content Rule that blocks the file based on the file fingerprint.

C. Gather the process name of the file and create an Application Content Rule that blocks the file based on the device ID type.

D. Gather the MD5 hash of the file and create an Application Content Rule that uses regular expression matching.

正確答案: B

說明：（僅 NewDumps 成員可見）

問題5
Which alert rule category includes events that are generated about the cloud console?

A. Application Activity

B. Security

C. System

D. Diagnostic

正確答案: C

說明：（僅 NewDumps 成員可見）

問題6
What does a medium-priority incident indicate?

A. The incident can result in a business outage

B. The incident can safely be ignored

C. The incident may have an impact on the business

D. The incident does not affect critical business operation

正確答案: C

說明：（僅 NewDumps 成員可見）

問題7
What characterizes an emerging threat in comparison to the traditional threat?

A. Emerging threats are more sophisticated than traditional threats.

B. Emerging threats require artificial intelligence to be detected.

C. Emerging threats use new techniques and 0-day vulnerability to propagate.

D. Emerging threats are undetectable by signature-based engines.

正確答案: C

說明：（僅 NewDumps 成員可見）

問題8
How would an administrator specify which remote consoles and servers have access to the management server?

A. Edit theCommunication Settingsfor the Group under theClients tab.

B. Edit theSite Propertiesand under theGeneral tab,change the server priority.

C. EdittheExternal Communication Settingsfor the Group under theClients tab.

D. Edit theServer Propertiesand under theGeneral tab,change theServer Communication Permission.

正確答案: D

說明：（僅 NewDumps 成員可見）

問題9
Which default role has the most limited permission in the Integrated Cyber Defense Manager?

A. Server Administrator

B. Restricted Administrator

C. Endpoint Console Domain Administrator

D. Limited Administrator

正確答案: B

說明：（僅 NewDumps 成員可見）

問題10
An administrator needs to increase the access speed for client files that are stored on a file server. Which configuration should the administrator review to address the read speed from the server?

A. Create a Firewall allow rule for the server's IP address.

B. Enable download randomization in the client group's communication settings

C. Enable Network Cache in the client's Virus and Spyware Protection policy

D. Add the applicable server to a trusted host group

正確答案: C

說明：（僅 NewDumps 成員可見）

先試後買

購買之前，你可以先嘗試下載一個試用版本。目前我們只提供PDF版本的試用DEMO，軟件版本只提供截圖。

專業認證

品質保證

輕松通過

Try Before Buy

最新的真實試題

相關鏈接

聯繫我們