Which type of file attribute is valid for creating a block list entry with Symantec Endpoint Detection and Response (SEDR)?

A. SHA256
B. Type
C. Date Created
D. Filename

Answer: A

Explanation: When creating a block list entry in Symantec Endpoint Detection and Response (SEDR), the SHA256 hash is a...

February 5, 2025

Why is it important for an Incident Responder to copy malicious files to the SEDR file store or create an image of the infected system during the Recovery phase?

A. To create custom IPS signatures
B. To test the effectiveness of the current assigned policy settings in the Symantec Endpoint...

February 4, 2025

What is the function of Symantec Insight?

A. Provides reputation ratings for structured data
B. Enhances the capability of Group Update Providers (GUP)
C. Increases the efficiency and effectiveness of LiveUpdate
D. Provides reputation ratings for binary executables

Answer: D

Explanation: Symantec Insight is a technology that delivers reputation ratings...

February 3, 2025

When are events generated within SEDR?

A. When an incident is selected
B. When an activity occurs
C. When any event is opened
D. When entities are viewed

Answer: B

Explanation: In Symantec Endpoint Detection and Response (SEDR), events are generated when an activity occurs. This includes any actions or...

January 30, 2025

Which technology can prevent an unknown executable from being downloaded through a browser session?

A. Intrusion Prevention
B. Insight
C. Application Control
D. Advanced Machine Learning

Answer: B

Explanation: Symantec Insight technology can prevent the download of unknown executables through a browser session by leveraging a cloud-based reputation service. Insight...

January 30, 2025

Which antimalware intensity level is defined by the following: "Blocks files that are most certainly bad or potentially bad files results in a comparable number of false positives and false negatives."

A. Level 6
B. Level 5
C. Level 2
D. Level 1

Answer: B

Explanation: In antimalware solutions, Level...

January 29, 2025

Which type of security threat continues to threaten endpoint security after a system reboot?

A. file-less
B. memory attack
C. script
D. Rootkit

Answer: D

Explanation: A Rootkit is a type of security threat that can persist across system reboots, making it difficult to detect and remove. Rootkits operate by...

January 26, 2025