
Symantec 250-561 Endpoint Security Complete - Administration R1 Exam Practice Test

Page: 1 / 7
Total 70 questions

Endpoint Security Complete - Administration R1 Questions and Answers

Question 1

Which type of security threat is used by attackers to exploit vulnerable applications?

Options:

A. Lateral Movement

B. Privilege Escalation

C. Command and Control

D. Credential Access

Question 2

Which antimalware intensity level is defined by the following: "Blocks files that are most certainly bad or potentially bad files. Results in a comparable number of false positives and false negatives."

Options:

A. Level 5

B. Level 2

C. Level 1

D. Level 6

Question 3

What characterizes an emerging threat in comparison to a traditional threat?

Options:

A. Emerging threats use new techniques and 0-day vulnerabilities to propagate.

B. Emerging threats require artificial intelligence to be detected.

C. Emerging threats are undetectable by signature-based engines.

D. Emerging threats are more sophisticated than traditional threats.

Question 4

An administrator must create a custom role in ICDm.

Which area of the management console is able to have access restricted or granted?

Options:

A. Policy Management

B. Hybrid device management

C. Agent deployment

D. Custom Dashboard Creation

Question 5

A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.

Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the behavior and kills Acrobat?

Options:

A. SONAR

B. Sapient

C. IPS

D. Emulator

Question 6

An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

Options:

A. Apply a list control

B. Apply a search rule

C. Apply a list filter

D. Apply a search modifier

Question 7

Which technique randomizes the memory address map with Memory Exploit Mitigation?

Options:

A. SEHOP

B. ROPHEAP

C. ASLR

D. ForceDEP

Question 8

An endpoint is offline, and the administrator issues a scan command. What happens to the endpoint when it restarts, if it lacks connectivity?

Options:

A. The system is scanning when started.

B. The system downloads the content without scanning.

C. The system starts without scanning.

D. The system scans after the content update is downloaded.

Question 9

What are the Exploit Mitigation security control's mitigation techniques designed to prevent?

Options:

A. Packed file execution

B. Misbehaving applications

C. File-less attacks

D. Rootkit downloads

Question 10

Which SES feature helps an administrator apply policies based on specific endpoint profiles?

Options:

A. Device Groups

B. Device Profiles

C. Policy Bundles

D. Policy Groups
