Which section of the ATP console should an ATP Administrator use to evaluate prioritized threats within the environment?
A. Search
B. Action Manager
C. Incident Manager
D. Events
Answer: B
Which level of privilege corresponds to each ATP account type?
DRAG DROP
Match the correct account type to the corresponding privileges.
Answer:
How should an ATP Administrator configure Endpoint Detection and Response according to Symantec best practices for a SEP environment with more than one domain?
A. Create a unique Symantec Endpoint Protection Manager (SEPM) domain for ATP
B. Create an ATP manager for each Symantec Endpoint Protection Manager (SEPM) domain
C. ....
Which search query and type should the responder run?
An Incident Responder wants to investigate whether msscrt.pdf resides on any systems. Which search query and type should the responder run?
A. Database search filename “msscrt.pdf”
B. Database search msscrt.pdf
C. Endpoint search filename like msscrt.pdf
D. Endpoint search filename =“msscrt.pdf”
Answer: A
Which SEP technologies are used by ATP to enforce the blacklisting of files?
A. Application and Device Control
B. SONAR and Bloodhound
C. System Lockdown and Download Insight
D. Intrusion Prevention and Browser Intrusion Prevention
Answer: C
Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO101774.html
Which best practice does Symantec recommend with the Endpoint Detection and Response feature?
A. Create a unique Cynic account to provide to ATP
B. Create a unique Symantec Messaging Gateway account to provide to ATP
C. Create a unique Symantec Protection Manager (SEPM) administrator account to provide to ATP
D. ....
Where can an Incident Responder view Cynic results in ATP?
A. Events
B. Dashboard
C. File Details
D. Incident Details
Answer: D
Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO128417.html
In which stage of an Advanced Persistent Threat (APT) attack does social engineering occur?
A. Capture
B. Incursion
C. Discovery
D. Exfiltration
Answer: B
Which syntax should the responder use?
An Incident Responder wants to run a database search that will list all clients whose names start with SYM. Which syntax should the responder use?
A. hostname like “SYM”
B. hostname “SYM”
C. hostname “SYM*”
D. hostname like “SYM*”
Answer: A
Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO124805.html
Which section of the ATP console should an ATP Administrator use to create blacklists and whitelists?
A. Reports
B. Settings
C. Action Manager
D. Policies
Answer: D
Explanation:
Reference: https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/DOCUMENTATION/10000/DOC10986/en_US/satp_administration_guide_3.1.pdf?__gda__=1541979133_5668f0b4c03c16ac1a30d54989313e76 (132)