Broadcom 250-586 Endpoint Security Complete Implementation - Technical Specialist Online Training

Question #1

What permissions does the Security Analyst Role have?

A . Search endpoints, trigger dumps, create policies
B . Trigger dumps, get and quarantine files, enroll new sites
C . Search endpoints, trigger dumps, get and quarantine files
D . Trigger dumps, get and quarantine files, create device groups

Correct Answer: C
C

Explanation:

In Endpoint Security Complete implementations, the Security Analyst Role generally has permissions that focus on monitoring, investigating, and responding to security threats rather than administrative functions like policy creation or device group management.

Here’s a breakdown of why Option C aligns with best practices:

Search Endpoints: Security Analysts are often tasked with investigating security alerts or anomalies. To support this, they typically need access to endpoint search functionalities to locate specific devices affected by potential threats.

Trigger Dumps: Triggering memory or system dumps on endpoints can be crucial for in-depth forensic analysis. This helps analysts capture a snapshot of the system’s state during or after a security incident, aiding in a comprehensive investigation.

Get and Quarantine Files: Security Analysts are often allowed to isolate or quarantine files that are identified as suspicious or malicious. This action helps contain potential threats and prevent the spread of malware or other harmful activities within the network. This permission aligns with their role in mitigating threats as quickly as possible.

Explanation of Why Other Options Are Less Likely:

Option A (Create Policies): Creating policies typically requires higher administrative privileges, such

as those assigned to security administrators or endpoint managers, rather than Security Analysts.

Analysts primarily focus on threat detection and response rather than policy design.

Option B (Enroll New Sites): Enrolling new sites is typically an administrative task related to infrastructure setup and expansion, which falls outside the responsibilities of a Security Analyst.

Option D (Create Device Groups): Creating and managing device groups is usually within the purview of a system administrator or endpoint administrator role, as this involves configuring the organizational structure of the endpoint management system.

In summary, Option C aligns with the core responsibilities of a Security Analyst focused on threat investigation and response. Their permissions emphasize actions that directly support these objectives, without extending into administrative configuration or setup tasks.

Question #2

What is the purpose of the Test Plan in the implementation phase?

A . To assess the SESC Solution Design in the customer’s environment
B . To monitor the Implementation of SES Complete
C . To guide the adoption and testing of SES Complete in the implementation phase
D . To seek approval for the next phase of the SESC Implementation Framework

Reveal Solution Hide Solution

Question #3

What is the focus of Active Directory Defense testing in the Test Plan?

A . Validating the Obfuscation Factor for AD Domain Settings
B . Testing the intensity level for Malware Prevention
C . Ensuring that Application Launch Rules are blocking or allowing application execution and behaviors on endpoints
D . Validating the protection against network threats for Network Integrity Configuration

Reveal Solution Hide Solution

Question #4

What should be documented in the Infrastructure Design section to enable traffic redirection to Symantec servers?

A . Required ports and protocols
B . Hardware recommendations
C . Site Topology description
D . Disaster recovery plan

Reveal Solution Hide Solution

Question #5

Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

A . The System Policy
B . The LiveUpdate Policy
C . The System Schedule Policy
D . The Firewall Policy

Reveal Solution Hide Solution

Question #6

What is purpose of the Solution Configuration Design in the Implement phase?

A . To provide a brief functional overview of the component placement in the environment
B . To outline the hardware requirements for on-premise components
C . To guide the implementation of features and functions
D . To detail the storage estimates and hardware configuration

Reveal Solution Hide Solution

Question #7

What is the recommended setup to ensure clients automatically fallback to their Priority 1 server(s) in case of a faulty SEP Manager?

A . Configure all SEP Managers with equal priority
B . Configure all SEP Managers with different priorities
C . Do not configure any priority for SEP Managers
D . Use a separate fallback server

Reveal Solution Hide Solution

Question #8

Where can you submit evidence of malware not detected by Symantec products?

A . SymProtect Cases Page
B . Virus Definitions and Security Update Page
C . SymSubmit Page
D . Symantec Vulnerability Response page

Reveal Solution Hide Solution

Question #9

What is the primary purpose of the Pilot Deployment in the Implementation phase?

A . To validate the effectiveness of the solution design in the customer’s environment
B . To ensure that the communication paths between major components have been established
C . To ensure that any potential outstanding activities and tasks are assigned to the right people
D . To ensure that all accounts are set with their allocated permissions and assignments

Reveal Solution Hide Solution

Question #10

Which two options are available when configuring DNS change detected for SONAR? (Select two.)

A . Block
B . Active Response
C . Quarantine
D . Log
E . Trace

Reveal Solution Hide Solution

Broadcom 250-586 Endpoint Security Complete Implementation – Technical Specialist Online Training