
100%無料250-561試験問題集で試験を簡単に合格させるFast2test
無料250-561試験問題250-561実際のリアル試験問題
質問 # 32
In which phase of MITRE framework would attackers exploit faults in software to directly tamper with system memory?
- A. Execution
- B. Discovery
- C. Defense Evasion
- D. Exfiltration
正解:C
質問 # 33
Which option should an administrator utilize to temporarily or permanently block a file?
- A. Blacklist
- B. Encrypt
- C. Delete
- D. Hide
正解:A
質問 # 34
Which IPS Signature type is Primarily used to identify specific unwanted traffic?
- A. Probe
- B. Malcode
- C. Attack
- D. Audit
正解:C
質問 # 35
What does SES's advanced search feature provide when an administrator searches for a specific term?
- A. A suggested terms dialog
- B. A search modifier dialog
- C. A search wizard dialog
- D. A search summary dialog
正解:B
質問 # 36
An administrator suspects that several computers have become part of a botnet. What should the administrator do to detect botnet activity on the network?
- A. Enable the Command and Control Server Firewall
- B. Add botnet related signatures to the IPS policy's Audit Signatures list
- C. Set the Antimalware policy's Monitoring Level to 4
- D. Enable the IPS policy's Show notification on the device setting
正解:A
質問 # 37
Which alert rule category includes events that are generated about the cloud console?
- A. System
- B. Application Activity
- C. Security
- D. Diagnostic
正解:C
質問 # 38
Which URL is responsible for notifying the SES agent that a policy change occurred in the cloud console?
- A. ocsp.digicert.com
- B. ent-shasta.rrs-symantec.com
- C. spoc.norton.com
- D. stnd-ipsg.crsi-symantec.com
正解:A
質問 # 39
What is the primary issue pertaining to managing roaming users while utilizing an on-premise solution?
- A. The endpoint is absent of the management console
- B. The endpoint is missing timely policy update
- C. The endpoint fails to receive content update
- D. The endpoint is more exposed to threats
正解:C
質問 # 40
Which technique randomizes the e memory address map with Memory Exploit Mitigation?
- A. ROPHEAP
- B. ASLR
- C. ForceDEP
- D. SEHOP
正解:B
質問 # 41
Which communication method is utilized within SES to achieve real-time management?
- A. Long polling
- B. Push Notification
- C. Standard polling
- D. Heartbeat
正解:B
質問 # 42
An administrator is evaluating an organization's computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?
- A. A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor
- B. A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
- C. A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor
- D. A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
正解:C
質問 # 43
Which type of organization is likely to be targeted with emerging threats?
- A. Large organizations with dedicated security teams
- B. Large organization with high turnover
- C. Small organization with little qualified staff
- D. Small organization with externalized managed security
正解:C
質問 # 44
An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?
- A. Add the filename and SHA-256 hash to a Blacklist policy
- B. Add the file SHA1 to a blacklist policy
- C. Increase the Antimalware policy Intensity to Level 5
- D. Adjust the Antimalware policy age and prevalence settings
正解:D
質問 # 45
Which two (2) options is an administrator able to use to prevent a file from being fasely detected (Select two)
- A. Add the file to a Whitelist policy
- B. Reduce the Intensive Protection setting of the Antimalware policy
- C. Assign the file a SHA-256 cryptographic hash
- D. Register the file with Symantec's False Positive database
- E. Rename the file
正解:A、D
質問 # 46
What option must an administrator choose when rolling back a policy assignment to a previous version?
- A. Reverse
- B. Customize
- C. Override
- D. Go Back
正解:C
質問 # 47
Which security control is complementary to IPS, providing a second layer of protection against network attacks?
- A. Firewall
- B. Antimalware
- C. Network Protection
- D. Host Integrity
正解:C
質問 # 48
The ICDm has generated a blacklist task due to malicious traffic detection. Which SES component was utilized to make that detection?
- A. Firewall
- B. Reputation
- C. Antimalware
- D. IPS
正解:C
質問 # 49
......
最新100%合格率保証付きの素晴らしい250-561試験問題PDF:https://jp.fast2test.com/250-561-premium-file.html
検証済みの250-561問題集72格別な問題:https://drive.google.com/open?id=1Fzm1b_h3H5_BYysWfHwr9LgRxv-FTVbR