Download the latest 2023 250-561 with the verified 250-561 question set and answers
Updated real 250-561 exam questions with 100% coverage and a 100% pass guarantee
Question # 33
Which statement best defines Machine Learning?
- A. A program that needs user input to perform a task.
- B. A program that requires data to perform a task.
- C. A program that learns from observing other programs.
- D. A program that learns from experience to optimize the output of a task.
Correct answer: C
Question # 34
Which framework, open and available to any administrator, is utilized to categorize adversarial tactics and for each phase of a cyber attack?
- A. MITRE RESPONSE
- B. MITRE ADV&NCE
- C. MITRE ATT&CK
- D. MITRE ATTACK MATRIX
Correct answer: B
Question # 35
What version number is assigned to a duplicated policy?
- A. The original policy's version number
- B. One
- C. Zero
- D. The original policy's number plus one
Correct answer: D
Question # 36
In which phase of the MITRE framework would attackers exploit faults in software to directly tamper with system memory?
- A. Defense Evasion
- B. Execution
- C. Discovery
- D. Exfiltration
Correct answer: A
Question # 37
An endpoint fails to retrieve content updates.
Which URL should an administrator test in a browser to determine if the issue is network related?
- A. https://update.symantec.com/livetri.zip
- B. https://spocsymantec.com/livetri.zip
- C. http://update.symantec.com/livetri.zip
- D. https://liveupdate.symantec,com/livetri.zi
Correct answer: B
Question # 38
Which Symantec component is required to enable two factor authentication with VIP on the Integrated Cyber Defense manager (ICDm)?
- A. A physical token or a software token
- B. A software token and an active directory account
- C. A physical token or a secure USB key
- D. A software token and a VIP server
Correct answer: D
Question # 39
An administrator suspects that several computers have become part of a botnet. What should the administrator do to detect botnet activity on the network?
- A. Enable the IPS policy's Show notification on the device setting
- B. Set the Antimalware policy's Monitoring Level to 4
- C. Enable the Command and Control Server Firewall
- D. Add botnet related signatures to the IPS policy's Audit Signatures list
Correct answer: C
Question # 40
What must an administrator check prior to enrolling an on-prem SEPM infrastructure into the cloud?
- A. Clients are running SEP 14.0.1 or later
- B. Clients are running SEP 12-6 or later
- C. Clients are running SEP 14.1.0 or later
- D. Clients are running SEP 14.2 or later
Correct answer: A
Question # 41
Which communication method is utilized within SES to achieve real-time management?
- A. Push Notification
- B. Standard polling
- C. Long polling
- D. Heartbeat
Correct answer: A
Question # 42
Which term or expression is utilized when adversaries leverage existing tools in the environment?
- A. living off the land
- B. file-less attack
- C. script kiddies
- D. opportunistic attack
Correct answer: C
Question # 43
An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?
- A. Adjust the Antimalware policy age and prevalence settings
- B. Add the filename and SHA-256 hash to a Blacklist policy
- C. Add the file SHA1 to a blacklist policy
- D. Increase the Antimalware policy Intensity to Level 5
Correct answer: A
Question # 44
Which two (2) skill areas are critical to the success of Incident Response Teams? (Select two)
- A. Threat Analysis
- B. Cyber Intelligence
- C. Project Management
- D. Incident Response
- E. Incident Management
Correct answer: B, D
Question # 45
Which designation should an administrator assign to the computer configured to find unmanaged devices?
- A. Discovery Manager
- B. Discovery Agent
- C. Discovery Broker
- D. Discovery Device
Correct answer: B
Question # 46
An administrator must create a custom role in ICDm.
Which area of the management console is able to have access restricted or granted?
- A. Agent deployment
- B. Custom Dashboard Creation
- C. Hybrid device management
- D. Policy Management
Correct answer: A
Question # 47
Which rule types should be at the bottom of the list when an administrator adds device control rules?
- A. General "catch all" rules
- B. Specific "device type" rules
- C. General "brand defined" rules
- D. Specific "device model" rules
Correct answer: D
Question # 48
Which alert rule category includes events that are generated about the cloud console?
- A. Security
- B. Diagnostic
- C. Application Activity
- D. System
Correct answer: A
Question # 49
Which IPS Signature type is primarily used to identify specific unwanted traffic?
- A. Probe
- B. Malcode
- C. Attack
- D. Audit
Correct answer: C
Question # 50
What are two (2) benefits of a fully cloud managed endpoint protection solution? (Select two)
- A. Increased content update frequency
- B. Reduced network usage
- C. Reduced 3rd party licensing cost
- D. Reduced database usage
- E. Increased visibility
Correct answer: C, D
Question # 51
An administrator is evaluating an organization's computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?
- A. A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
- B. A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor
- C. A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
- D. A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor
Correct answer: D
Question # 52
Which file property does SES utilize to search the VirusTotal website for suspicious file information?
- A. File name
- B. File reputation
- C. File size
- D. File hash
Correct answer: A
Question # 53
......
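The Symantec 250-561 exam is a globally recognized, vendor-neutral certification. It is designed to validate the skills and knowledge required to configure and manage the Symantec Endpoint Security Complete solution. The exam covers a range of topics, including endpoint protection, network protection, threat prevention, and compliance management. It is intended for IT professionals with experience in Symantec Endpoint Security.
The Symantec 250-561 certification exam is a valuable credential for professionals who want to demonstrate their expertise in managing the Symantec Endpoint Security Complete solution. It helps candidates improve their skills and knowledge in the field of cybersecurity and advance their career opportunities. With proper preparation and hands-on experience, candidates can pass the exam and earn a globally recognized certification.
Try the 100% free 250-561 exam question set with real questions: https://www.jpntest.com/shiken/250-561-mondaishu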