250-580

What information is required to calculate storage requirements?A . Number of endpoints, available bandwidth, available disk space, number of endpoint dumps, dump sizeB . Number of endpoints, EAR data per endpoint per day, number of days to retain, number of endpoint dumps, dump sizeC . Number of endpoints, available bandwidth,...

What priority would an incident that may have an impact on business be considered?A . LowB . CriticalC . HighD . MediumView AnswerAnswer: C Explanation: An incident that may have an impact on business is typically classified with a High priority in cybersecurity frameworks and incident response protocols. Here’s a...

An Incident Responder has determined that an endpoint is compromised by a malicious threat. What SEDR feature would be utilized first to contain the threat?A . File DeletionB . Incident ManagerC . IsolationD . Endpoint Activity RecorderView AnswerAnswer: C Explanation: When an Incident Responder determines that an endpoint is compromised,...

How would an administrator specify which remote consoles and servers have access to the management server?A . Edit the Server Properties and under the General tab, change the Server Communication Permission.B . Edit the Communication Settings for the Group under the Clients tab.C . Edit the External Communication Settings for...

Why is Active Directory a part of nearly every targeted attack?A . AD administration is managed by weak legacy APIs.B . AD is, by design, an easily accessed flat file name space directory databaseC . AD exposes all of its identities, applications, and resources to every endpoint in the networkD...

What does a ranged query return or exclude?A . Data matching the exact field names and their valuesB . Data matching a regular expressionC . Data falling between two specified values of a given fieldD . Data based on specific values for a given fieldView AnswerAnswer: C Explanation: A ranged...

Which SES advanced feature detects malware by consulting a training model composed of known good and known bad files?A . SignaturesB . ReputationC . Artificial IntelligenceD . Advanced Machine LearningView AnswerAnswer: D Explanation: The Advanced Machine Learning feature in Symantec Endpoint Security (SES) uses a sophisticated model trained on a...

Which Indicator of Compromise might be detected as variations in the behavior of privileged users that indicate that their account is being used by someone else to gain a foothold in an environment?A . Mismatched Port - Application TrafficB . Irregularities in Privileged User Account ActivityC . Surges in Database...

What is a feature of Cynic?A . Local SandboxingB . Forwarding event data to Security Information and Event Management (SIEM)C . Cloud SandboxingD . Customizable OS ImagesView AnswerAnswer: C Explanation: Cynic is a feature of Symantec Endpoint Security that provides cloud sandboxing capabilities. Cloud sandboxing allows Cynic to analyze suspicious...

Which report template type should an administrator utilize to create a daily summary of network threats detected?A . Intrusion Prevention ReportB . Blocked Threats ReportC . Network Risk ReportD . Access Violation ReportView AnswerAnswer: C Explanation: To create a daily summary of network threats detected, an administrator should use the...