Free 250-561 Exam Braindumps (page: 6)

Page 6 of 18

An administrator suspects that several computers have become part of a botnet.
What should the administrator do to detect botnet activity on the network?

  1. Enable the Command and Control Server Firewall
  2. Add botnet related signatures to the IPS policy's Audit Signatures list
  3. Enable the IPS policy's Show notification on the device setting
  4. Set the Antimalware policy's Monitoring Level to 4

Answer(s): A



Which Anti-malware technology should an administrator utilize to expose the malicious nature of a file created with a custom packer?

  1. Sandbox
  2. SONAR
  3. Reputation
  4. Emulator

Answer(s): A



An endpoint is offline, and the administrator issues a scan command.
What happens to the endpoint when it restarts, if it lacks connectivity?

  1. The system is scanning when started.
  2. The system downloads the content without scanning.
  3. The system starts without scanning.
  4. The system scans after the content update is downloaded.

Answer(s): B



Which type of security threat is used by attackers to exploit vulnerable applications?

  1. Lateral Movement
  2. Privilege Escalation
  3. Command and Control
  4. Credential Access

Answer(s): B




Post your Comments and Discuss Symantec 250-561 exam with other Community members:

Lembart commented on May 07, 2024
This study guide from Xcerts.com is pretty cool for acing exams – straightforward and totally worth it!
Germany