What is the purpose of a Threat Defense for Active Directory Deceptive Account?

A. It prevents attackers from reading the contents of the Domain Admins Group.
B. It assigns a fake NTLM password hash value for users with an assigned AdminCount attribute.
C. It exposes attackers as they seek to...

April 22, 2025

What does an end-user receive when an administrator utilizes the Invite User feature to distribute the SES client?

A. An email with the SES_setup.zip file attached
B. An email with a link to register on the ICDm user portal
C. An email with a link to directly download the SES...

April 17, 2025

Which two (2) criteria are used by Symantec Insight to evaluate binary executables? (Select two.)

A. Sensitivity
B. Prevalence
C. Confidentiality
D. Content
E. Age

Answer: BE

Explanation: Symantec Insight uses Prevalence and Age as two primary criteria to evaluate binary executables. These metrics help determine the likelihood that a...

April 16, 2025

Which action should the administrator take to correct the problem with minimal impact on the existing environment?

After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked the default admin account. An administrator needs to make system changes as soon as possible to address an outbreak, but the admin account is the only account. Which action should the administrator take to correct the problem...

April 16, 2025

Which SES security control protects a user against data leakage if they encounter a man-in-the-middle attack?

A. IPv6 Tunneling
B. IPS
C. Firewall
D. VPN

Answer: B

Explanation: The Intrusion Prevention System (IPS) in Symantec Endpoint Security (SES) plays a crucial role in defending against data leakage during a man-in-the-middle...

April 14, 2025

Which type of event does operation:1 indicate in a SEDR database search?

A. File Deleted.
B. File Closed.
C. File Open.
D. File Created.

Answer: C

Explanation: In a Symantec Endpoint Detection and Response (SEDR) database search, an event labeled with operation:1 corresponds to a File Open action. This identifier...

April 12, 2025

What EDR function minimizes the risk of an endpoint infecting other resources in the environment?

A. Quarantine
B. Block
C. Deny List
D. Firewall

Answer: A

Explanation: The function of "Quarantine" in Endpoint Detection and Response (EDR) minimizes the risk of an infected endpoint spreading malware or malicious activities to...

April 11, 2025

Which Advanced Firewall Protection setting should an administrator enable to prevent the intruder's system from communicating with the network after the IPS detection?

The SES Intrusion Prevention System has blocked an intruder's attempt to establish an IRC connection inside the firewall. Which Advanced Firewall Protection setting should an administrator enable to prevent the intruder's system from communicating with the network after the IPS detection?

A. Enable port scan detection
B. Automatically block an...

April 8, 2025

Which Symantec Endpoint Protection technology blocks a downloaded program from installing browser plugins?

A. Intrusion Prevention
B. SONAR
C. Application and Device Control
D. Tamper Protection

Answer: C

Explanation: The Application and Device Control technology within Symantec Endpoint Protection (SEP) is responsible for blocking unauthorized software behaviors, such as preventing...

April 6, 2025

If an administrator enables the setting to manage policies from the cloud, what steps must be taken to reverse this process?

A. Navigate to ICDm > Enrollment and disable the setting
B. Unenroll the SEPM > Disable the setting > Re-enroll the SEPM
C. Revoke policies from ICDm
D. Revoke...

April 5, 2025