Which section of the ATP console should an ATP Administrator use to evaluate prioritized threats within the environment?

Which section of the ATP console should an ATP Administrator use to evaluate prioritized threats within the environment?

A. Search
B. Action Manager
C. Incident Manager
D. Events

Answer: B

September 30, 2019

Which level of privilege corresponds to each ATP account type?

DRAG DROP

Which level of privilege corresponds to each ATP account type? Match the correct account type to the corresponding privileges.

Answer:

September 27, 2019

How should an ATP Administrator configure Endpoint Detection and Response according to Symantec best practices for a SEP environment with more than one domain?

How should an ATP Administrator configure Endpoint Detection and Response according to Symantec best practices for a SEP environment with more than one domain?

A. Create a unique Symantec Endpoint Protection Manager (SEPM) domain for ATP
B. Create an ATP manager for each Symantec Endpoint Protection Manager (SEPM) domain
C ....

September 27, 2019

Which search query and type should the responder run?

An Incident Responder wants to investigate whether msscrt.pdf resides on any systems. Which search query and type should the responder run?

A. Database search filename “msscrt.pdf”
B. Database search msscrt.pdf
C. Endpoint search filename like msscrt.pdf
D. Endpoint search filename =“msscrt.pdf”

Answer: A

September 27, 2019

Which SEP technologies are used by ATP to enforce the blacklisting of files?

Which SEP technologies are used by ATP to enforce the blacklisting of files?

A. Application and Device Control
B. SONAR and Bloodhound
C. System Lockdown and Download Insight
D. Intrusion Prevention and Browser Intrusion Prevention

Answer: C

Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO101774.html

September 27, 2019

Which best practice does Symantec recommend with the Endpoint Detection and Response feature?

Which best practice does Symantec recommend with the Endpoint Detection and Response feature?

A. Create a unique Cynic account to provide to ATP
B. Create a unique Symantec Messaging Gateway account to provide to ATP
C. Create a unique Symantec Protection Manager (SEPM) administrator account to provide to ATP
D ....

September 24, 2019

Where can an Incident Responder view Cynic results in ATP?

Where can an Incident Responder view Cynic results in ATP?

A. Events
B. Dashboard
C. File Details
D. Incident Details

Answer: D

Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO128417.html

September 23, 2019

During which stage of an Advanced Persistent Threat (APT) attack does social engineering occur?

During which stage of an Advanced Persistent Threat (APT) attack does social engineering occur?

A. Capture
B. Incursion
C. Discovery
D. Exfiltration

Answer: B

September 20, 2019

Which syntax should the responder use?

An Incident Responder wants to run a database search that will list all clients whose names start with SYM. Which syntax should the responder use?

A. hostname like “SYM”
B. hostname “SYM”
C. hostname “SYM*”
D. hostname like “SYM*”

Answer: A

Explanation:
Reference: https://support.symantec.com/en_US/article.HOWTO124805.html

September 18, 2019

Which section of the ATP console should an ATP Administrator use to create blacklists and whitelists?

Which section of the ATP console should an ATP Administrator use to create blacklists and whitelists?

A. Reports
B. Settings
C. Action Manager
D. Policies

Answer: D

Explanation:
Reference: https://symwisedownload.symantec.com//resources/sites/SYMWISE/content/live/DOCUMENTATION/10000/DOC10986/en_US/satp_administration_guide_3.1.pdf?__gda__=1541979133_5668f0b4c03c16ac1a30d54989313e76 (132)

September 17, 2019