Which IPS signature type is primarily used to identify specific unwanted network traffic?
A. Attack
B. Audit
C. Malcode
D. Probe
Answer: A
Explanation: Within Symantec Endpoint Protection’s Intrusion Prevention System (IPS), Attack signatures are specifically designed to identify and block known patterns of malicious network traffic. Attack signatures focus...
What protection technology should an administrator enable to prevent double executable file names of ransomware variants like Cryptolocker from running?
A. Download Insight
B. Intrusion Prevention System
C. SONAR
D. Memory Exploit Mitigation
Answer: C
Explanation: To prevent ransomware variants, such as Cryptolocker, from executing with double executable file names,...
Which algorithm is supported, in addition to MD5?
Files are blocked by hash in the deny list policy. Which algorithm is supported, in addition to MD5?
A. SHA2
B. SHA256
C. SHA256 "salted"
D. MD5 "Salted"
Answer: B
Explanation: In Symantec Endpoint Protection (SEP), when files are blocked by hash in the deny list policy, SHA256 is supported...
Which designation should an administrator assign to the computer configured to find unmanaged devices?
A. Discovery Device
B. Discovery Manager
C. Discovery Agent
D. Discovery Broker
Answer: C
Explanation: In Symantec Endpoint Protection, the Discovery Agent designation is assigned to a computer responsible for identifying unmanaged devices within a network....
What can the user do to gain access to the application?
An Application Control policy includes an Allowed list and a Blocked list. A user wants to use an application that is neither on the Allowed list nor on the Blocked list. What can the user do to gain access to the application?
A. Email the App Control Admin
B. Request...
What Symantec Best Practice is recommended when setting up Active Directory integration with the Symantec Endpoint Protection Manager?
A. Ensure there is more than one Active Directory Server listed in the Server Properties.
B. Link the built-in Admin account to an Active Directory account.
C. Import the existing AD structure...
What is the purpose of a Threat Defense for Active Directory Deceptive Account?
A. It prevents attackers from reading the contents of the Domain Admins Group.
B. It assigns a fake NTLM password hash value for users with an assigned AdminCount attribute.
C. It exposes attackers as they seek to...
What does an end-user receive when an administrator utilizes the Invite User feature to distribute the SES client?
A. An email with the SES_setup.zip file attached
B. An email with a link to register on the ICDm user portal
C. An email with a link to directly download the SES...
Which two (2) criteria are used by Symantec Insight to evaluate binary executables? (Select two.)
A. Sensitivity
B. Prevalence
C. Confidentiality
D. Content
E. Age
Answer: BE
Explanation: Symantec Insight uses Prevalence and Age as two primary criteria to evaluate binary executables. These metrics help determine the likelihood that a...
Which action should the administrator take to correct the problem with minimal impact on the existing environment?
After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked the default admin account. An administrator needs to make system changes as soon as possible to address an outbreak, but the admin account is the only account. Which action should the administrator take to correct the problem...