Get Feb-2024 Dumps to Pass your 250-561 Exam with 100% Real Questions and Answers [Q39-Q61]

Get Feb-2024 Dumps to Pass your 250-561 Exam with 100% Real Questions and Answers

Updated Exam 250-561 Dumps with New Questions

NEW QUESTION # 39
Which file should an administrator create, resulting Group Policy Object (GPO)?

• A. Symantec__Agent_package_x64.zip
• B. Symantec__Agent_package_x64.msi
• C. Symantec__Agent_package_x64.exe
• D. Symantec__Agent_package__32-bit.msi

Answer: D

NEW QUESTION # 40
Which report template out format should an administrator utilize to generate graphical reports?

• A. HTML
• B. PFD
• C. XML
• D. XML

Answer: A

NEW QUESTION # 41
An administrator must create a custom role in ICDm.
Which area of the management console is able to have access restricted or granted?

• A. Policy Management
• B. Hybrid device management
• C. Agent deployment
• D. Custom Dashboard Creation

Answer: C

NEW QUESTION # 42
What version number is assigned to a duplicated policy?

• A. Zero
• B. The original policy's version numb
• C. One
• D. The original policy's number plus one

Answer: D

NEW QUESTION # 43
In which phase of MITRE framework would attackers exploit faults in software to directly tamper with system memory?

• A. Exfiltration
• B. Defense Evasion
• C. Execution
• D. Discovery

Answer: B

NEW QUESTION # 44
Which device page should an administrator view to track the progress of an issued device command?

• A. Command History
• B. Recent Activity
• C. Activity Update
• D. Command Status

Answer: B

NEW QUESTION # 45
Which report template type should an administrator utilize to create a daily summary of network threats detected?

• A. Network Risk Report
• B. Intrusion Prevention Report
• C. Blocked Threats Report
• D. Access Violation Report

Answer: D

NEW QUESTION # 46
Which SES security control protects against threats that may occur in the Impact phase?

• A. Antimalware
• B. IPS
• C. Firewall
• D. Device Control

Answer: C

NEW QUESTION # 47
What option must an administrator choose when rolling back a policy assignment to a previous version?

• A. Customize
• B. Go Back
• C. Reverse
• D. Override

Answer: D

NEW QUESTION # 48
An endpoint fails to retrieve content updates.
Which URL should an administrator test in a browser to determine if the issue is network related?

• A. https://liveupdate.symantec,com/livetri.zi
• B. https://spocsymantec.com/livetri.zip
• C. https://update.symantec.com/livetri.zip
• D. http://update.symantec.com/livetri.zip

Answer: B

NEW QUESTION # 49
Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

• A. The LiveUpdate Policy
• B. The System Policy
• C. The Firewall Policy
• D. The System Schedule Policy

Answer: A

NEW QUESTION # 50
The ICDm has generated a blacklist task due to malicious traffic detection. Which SES component was utilized to make that detection?

• A. Reputation
• B. Firewall
• C. IPS
• D. Antimalware

Answer: D

NEW QUESTION # 51
Which Firewall Stealth setting prevents OS fingerprinting by sending erroneous OS information back to the attacker?

• A. Disable OS fingerprint detection
• B. Enable OS fingerprint masqueradi
• C. Enable OS fingerprint protection
• D. Disable OS fingerprint profiling

Answer: B

NEW QUESTION # 52
Which Endpoint > Setting should an administrator utilize to locate unmanaged endpoints on a network subnet?

• A. Endpoint Enrollment
• B. Device Discovery
• C. Discover Endpoints
• D. Discover and Deploy

Answer: C

NEW QUESTION # 53
Wh.ch Firewall rule components should an administrator configure to block facebook.com use during business hours?

• A. Action, Application, and Schedule
• B. Action, Hosts(s), and Schedule
• C. Host(s), Network Interface, and Network Service
• D. Application, Host(s), and Network Service

Answer: B

NEW QUESTION # 54
An administrator suspects that several computers have become part of a botnet. What should the administrator do to detect botnet activity on the network?

• A. Enable the Command and Control Server Firewall
• B. Enable the IPS policy's Show notification on the device setting
• C. Add botnet related signatures to the IPS policy's Audit Signatures list
• D. Set the Antimalware policy's Monitoring Level to 4

Answer: A

NEW QUESTION # 55
Which type of security threat is used by attackers to exploit vulnerable applications?

• A. Privilege Escalation
• B. Credential Access
• C. Command and Control
• D. Lateral Movement

Answer: A

NEW QUESTION # 56
Which Antimalware technology is used after all local resources have been exhausted?

• A. Reputation
• B. ITCS
• C. Emulator
• D. Sapient

Answer: B

NEW QUESTION # 57
Which security control is complementary to IPS, providing a second layer of protection against network attacks?

• A. Firewall
• B. Antimalware
• C. Network Protection
• D. Host Integrity

Answer: C

NEW QUESTION # 58
Which default role has the most limited permission in the Integrated Cyber Defense Manager?

• A. Server Administrator
• B. Limited Administrator
• C. Restricted Administrator
• D. Endpoint Console Domain Administrator

Answer: A

NEW QUESTION # 59
An endpoint is offline, and the administrator issues a scan command. What happens to the endpoint when it restarts, if it lacks connectivity?

• A. The system downloads the content without scanning.
• B. The system is scanning when started.
• C. The system starts without scanning.
• D. The system scans after the content update is downloaded.

Answer: A

NEW QUESTION # 60
Which SES feature helps administrator apply policies based on specific endpoint profiles?

• A. Device Groups
• B. Device Profiles
• C. Policy Bundles
• D. Policy Groups

Answer: D

NEW QUESTION # 61
......

100% Pass Guarantee for 250-561 Exam Dumps with Actual Exam Questions: https://www.prepawaytest.com/Symantec/250-561-practice-exam-dumps.html

Today Updated 250-561 Exam Dumps Actual Questions: https://drive.google.com/open?id=1Q_irwqkNeCs9nXB3pNyVOquyXnWKyMIW