What is causing this issue?
An Incident Responder discovers an incident where all systems are infected with a file that has the same name and different hash. As a result, the organism view has multiple entries for the malicious...
An Incident Responder launches a search from ATP for a file hash. The search returns the results immediately. The responder reviews the Symantec Endpoint Protection Manager (SEPM) command status and does NOT see an...
What is a benefit of using Microsoft SQL as the Symantec Endpoint Protection Manager (SEPM) database in regard to ATP?
A. It allows for Microsoft Incident Responders to assist in remediation
B. ATP can...
Which SEP technology does an Incident Responder need to enable in order to enforce blacklisting on an endpoint?
A. System Lockdown
B. Intrusion Prevention System
C. Firewall
D. SONAR
Answer: A
In which scenario should an Incident Responder manually submit a file to the Cynic portal?
A. There is a file on a USB that an Incident Responder wants to analyze in a sandbox.
B. ...
Which best practice does Symantec recommend with the Endpoint Detection and Response feature?
A. Create a unique Cynic account to provide to ATP
B. Create a unique Symantec Messaging Gateway account to provide to...
An ATP administrator is setting up an Endpoint Detection and Response connection. Which type of authentication is allowed?
A. Active Directory authentication
B. SQL authentication
C. LDAP authentication
D. Symantec Endpoint Protection Manager (SEPM)...
In which stage of an Advanced Persistent Threat (APT) attack does social engineering occur?
A. Capture
B. Incursion
C. Discovery
D. Exfiltration
Answer: B
ATP detects a threat phoning home to a command and control server and creates a new incident. The threat is NOT being detected by SEP, but the Incident Response team conducted an indicators of...
What is the role of Vantage within the Advanced Threat Protection (ATP) solution?
A. Network detection component
B. Event correlation
C. Reputation-based security
D. Detonation/sandbox
Answer: A
Explanation: Reference: https://support.symantec.com/en_US/article.HOWTO119277.html