• Home
  • Articles
  • [Dec-2024] 250-561 Certification with Actual Questions from Actual4dump [Q40-Q55]

[Dec-2024] 250-561 Certification with Actual Questions from Actual4dump [Q40-Q55]

Share

[Dec-2024] 250-561 Certification with Actual Questions from Actual4dump

Updated 250-561 Dumps PDF - 250-561 Real Valid Brain Dumps With 72 Questions!

NEW QUESTION # 40
An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

  • A. Apply a list filter
  • B. Apply a search modifier
  • C. Apply a list control
  • D. Apply a search rule

Answer: D


NEW QUESTION # 41
Which technique randomizes the e memory address map with Memory Exploit Mitigation?

  • A. ROPHEAP
  • B. ASLR
  • C. SEHOP
  • D. ForceDEP

Answer: B


NEW QUESTION # 42
Which statement best defines Machine Learning?

  • A. A program that needs user input to perform a task.
  • B. A program that require data to perform a task.
  • C. A program that learns from experience to optimize the output of a task.
  • D. A program that teams from observing other programs.

Answer: D


NEW QUESTION # 43
Which report template out format should an administrator utilize to generate graphical reports?

  • A. XML
  • B. XML
  • C. HTML
  • D. PFD

Answer: C


NEW QUESTION # 44
What version number is assigned to a duplicated policy?

  • A. Zero
  • B. The original policy's number plus one
  • C. One
  • D. The original policy's version numb

Answer: B


NEW QUESTION # 45
An administrator is evaluating an organization's computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?

  • A. A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor
  • B. A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
  • C. A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
  • D. A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor

Answer: A


NEW QUESTION # 46
Which type of organization is likely to be targeted with emerging threats?

  • A. Large organizations with dedicated security teams
  • B. Small organization with little qualified staff
  • C. Small organization with externalized managed security
  • D. Large organization with high turnover

Answer: B


NEW QUESTION # 47
Which IPS Signature type is Primarily used to identify specific unwanted traffic?

  • A. Attack
  • B. Audit
  • C. Probe
  • D. Malcode

Answer: A


NEW QUESTION # 48
What does an end-user receive when an administrator utilizes the Invite User feature to distribute the SES client?

  • A. An email with link to register on the ICDm user portal
  • B. An email with a link to directly download the SES client
  • C. An email with a link to a KB article explaining how to install the SES Agent
  • D. An email with the SES_setup.zip file attached

Answer: A


NEW QUESTION # 49
What is the primary issue pertaining to managing roaming users while utilizing an on-premise solution?

  • A. The endpoint is absent of the management console
  • B. The endpoint fails to receive content update
  • C. The endpoint is more exposed to threats
  • D. The endpoint is missing timely policy update

Answer: B


NEW QUESTION # 50
Files are blocked by hash in the blacklist policy.
Which algorithm is supported, in addition to MD5?

  • A. SHA256
  • B. SHA2
  • C. MD5 "Salted"
  • D. SHA256 "salted"

Answer: A


NEW QUESTION # 51
An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?

  • A. Increase the Antimalware policy Intensity to Level 5
  • B. Add the filename and SHA-256 hash to a Blacklist policy
  • C. Adjust the Antimalware policy age and prevalence settings
  • D. Add the file SHA1 to a blacklist policy

Answer: C


NEW QUESTION # 52
An endpoint fails to retrieve content updates.
Which URL should an administrator test in a browser to determine if the issue is network related?

  • A. https://liveupdate.symantec,com/livetri.zi
  • B. https://spocsymantec.com/livetri.zip
  • C. http://update.symantec.com/livetri.zip
  • D. https://update.symantec.com/livetri.zip

Answer: B


NEW QUESTION # 53
Which two (2) options is an administrator able to use to prevent a file from being fasely detected (Select two)

  • A. Rename the file
  • B. Add the file to a Whitelist policy
  • C. Register the file with Symantec's False Positive database
  • D. Assign the file a SHA-256 cryptographic hash
  • E. Reduce the Intensive Protection setting of the Antimalware policy

Answer: B,C


NEW QUESTION # 54
Which framework, open and available to any administrator, is utilized to categorize adversarial tactics and for each phase of a cyber attack?

  • A. MITRE RESPONSE
  • B. MITRE ATT&CK
  • C. MITRE ATTACK MATRIX
  • D. MITRE ADV&NCE

Answer: D


NEW QUESTION # 55
......

Pass Your 250-561 Exam Easily With 100% Exam Passing Guarantee: https://www.actual4dump.com/Symantec/250-561-actualtests-dumps.html

100% Free 250-561 Exam Dumps Use Real Symantec SCS Dumps: https://drive.google.com/open?id=1m4Dz7LW-hOO4ZrI7glUIQNlFhqS-MRvK

Related Articles

more
Symantec 250-561 Certification Practice Exam