250-580 exam

What is a feature of Cynic?A . Local SandboxingB . Forwarding event data to Security Information and Event Management (SIEM)C . Cloud SandboxingD . Customizable OS ImagesView AnswerAnswer: C Explanation: Cynic is a feature of Symantec Endpoint Security that provides cloud sandboxing capabilities. Cloud sandboxing allows Cynic to analyze suspicious...

Which report template type should an administrator utilize to create a daily summary of network threats detected?A . Intrusion Prevention ReportB . Blocked Threats ReportC . Network Risk ReportD . Access Violation ReportView AnswerAnswer: C Explanation: To create a daily summary of network threats detected, an administrator should use the...

What should an administrator utilize to identify devices on a Mac?A . Use DevViewer when the Device is connected.B . Use Devicelnfo when the Device is connected.C . Use Device Manager when the Device is connected.D . Use GatherSymantecInfo when the Device is connected.View AnswerAnswer: D Explanation: To identify devices...

An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat. Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?A . Risk logB . Computer Status...

What is an appropriate use of a file fingerprint list?A . Allow unknown files to be downloaded with InsightB . Prevent programs from runningC . Prevent Antivirus from scanning a fileD . Allow files to bypass Intrusion Prevention detectionView AnswerAnswer: B Explanation: A file fingerprint list is used to prevent...

What EDR feature provides endpoint activity recorder data for a file hash?A . Process DumpB . Entity DumpC . Hash DumpD . Full DumpView AnswerAnswer: B Explanation: In Symantec Endpoint Detection and Response (EDR), the Entity Dump feature provides detailed activity recorder data related to a specific file hash. This...

What should an administrator know regarding the differences between a Domain and a Tenant in ICDm?A . A tenant can contain multiple domainsB . Each customer can have one domain and many tenantsC . A domain can contain multiple tenantsD . Each customer can have one tenant and no domainsView...

The LiveUpdate Download Schedule is set to the default on the Symantec Endpoint Protection Manager (SEPM). How many content revisions must the SEPM keep to ensure clients that check in to the SEPM every 10 days receive xdelta content packages instead of full content packages?A . 10B . 20C ....

What must be entered before downloading a file from ICDm?A . NameB . PasswordC . HashD . DateView AnswerAnswer: C Explanation: Before downloading a file from the Integrated Cyber Defense Manager (ICDm), the hash of the file must be entered. The hash serves as a unique identifier for the file,...

An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems apply the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled...