What does an end-user receive when an administrator utilizes the Invite User feature to distribute the SES client?
- A . An email with a link to directly download the SES client
- B . An email with a link to a KB article explaining how to install the SES Agent
- C . An email with the SES_setup.zip file attached
- D . An email with a link to register on the ICDm user portal
What version number is assigned to a duplicated policy?
- A . One
- B . Zero
- C . The original policy’s number plus one
- D . The original policy’s version numb
Which dashboard should an administrator access to view the current health of the environment?
- A . The Antimalware Dashboard
- B . The SES Dashboard
- C . The Device Integrity Dashboard
- D . The Security Control Dashboard
An administrator is evaluating an organization’s computers for an upcoming SES deployment.
Which computer meets the pre-requisites for the SES client?
- A . A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
- B . A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
- C . A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor
- D . A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor
In the ICDm, administrators are assisted by the My Task view.
Which automation type creates the tasks within the console?
- A . Artificial Intelligence
- B . Machine Learning
- C . Advanced Machine Learning
- D . Administrator defined rules
Which two (2) options is an administrator able to use to prevent a file from being falsely detected? (Select two)
- A . Assign the file a SHA-256 cryptographic hash
- B . Add the file to a Whitelist policy
- C . Reduce the Intensive Protection setting of the Antimalware policy
- D . Register the file with Symantec’s False Positive database
- E . Rename the file
Which statement best describes Artificial Intelligence?
- A . A program that automates tasks with a static set of instructions
- B . A program that can predict when a task should be performed
- C . A program that is autonomous and needs training to perform a task
- D . A program that learns from experience and performs autonomous tasks
Which SES advanced feature detects malware by consulting a training model composed of known good and known bad files?
- A . Signatures
- B . Advanced Machine Learning
- C . Reputation
- D . Artificial Intelligence
Which two (2) Discovery and Deploy features could an administrator use to enroll MAC endpoints? (Select two)
- A . Push Enroll
- B . A custom Installation package creator pact
- C . A default Direct Installation package
- D . Invite User
- E . A custom Direct installation package
Which SEPM-generated element is required for an administrator to complete the enrollment of SEPM to the cloud console?
- A . Token
- B . SEPM password
- C . Certificate key pair
- D . SQL password
Which default role has the most limited permission in the Integrated Cyber Defense Manager?
- A . Restricted Administrator
- B . Limited Administrator
- C . Server Administrator
- D . Endpoint Console Domain Administrator
What must an administrator check prior to enrolling an on-prem SEPM infrastructure into the cloud?
- A . Clients are running SEP 14.2 or later
- B . Clients are running SEP 14.1.0 or later
- C . Clients are running SEP 12-6 or later
- D . Clients are running SEP 14.0.1 or late
What are the Exploit Mitigation security control’s mitigation techniques designed to prevent?
- A . Packed file execution
- B . Misbehaving applications
- C . File-less attacks
- D . Rootkit downloads
Which two (2) skill areas are critical to the success of Incident Response Teams? (Select two)
- A . Project Management
- B . Incident Management
- C . Cyber Intelligence
- D . Incident Response
- E . Threat Analysis
Which security threat uses malicious code to destroy evidence, break systems, or encrypt data?
- A . Execution
- B . Persistence
- C . Impact
- D . Discovery
Which framework, open and available to any administrator, is utilized to categorize adversarial tactics and for each phase of a cyber attack?
- A . MITRE RESPONSE
- B . MITRE ATT&CK
- C . MITRE ADV&NCE
- D . MITRE ATTACK MATRIX
Which SES security control protects against threats that may occur in the Impact phase?
- A . Device Control
- B . IPS
- C . Antimalware
- D . Firewall
Which Endpoint > Setting should an administrator utilize to locate unmanaged endpoints on a network subnet?
- A . Discover Endpoints
- B . Endpoint Enrollment
- C . Discover and Deploy
- D . Device Discovery
An administrator needs to create a new Report Template that will be used to track firewall activity.
Which two (2) report template settings are optional? (Select 2)
- A . Output format
- B . Generation schedule
- C . Email recipients
- D . Time frame
- E . Size restrictions
Which two (2) scan range options are available to an administrator for locating unmanaged endpoints? (Select two)
- A . IP range within network
- B . IP range within subnet
- C . Entire Network
- D . Entire Subnet
- E . Subnet Range
Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?
- A . The Firewall Policy
- B . The System Schedule Policy
- C . The System Policy
- D . The LiveUpdate Policy
Which device page should an administrator view to track the progress of an issued device command?
- A . Command Status
- B . Command History
- C . Recent Activity
- D . Activity Update
What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)?
- A . Monthly
- B . Weekly
- C . Quarterly
- D . Bi-monthly
An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity.
What should an administrator do to display only high risk files?
- A . Apply a list control
- B . Apply a search rule
- C . Apply a list filter
- D . Apply a search modifier
An endpoint is offline, and the administrator issues a scan command.
What happens to the endpoint when it restarts, if it lacks connectivity?
- A . The system is scanning when started.
- B . The system downloads the content without scanning.
- C . The system starts without scanning.
- D . The system scans after the content update is downloaded.