250-441 Exam Free Question Set: "Symantec Administration of Symantec Advanced Threat Protection 3.0 Certification"

How can an Incident Responder generate events for a site that was identified as malicious but has NOT triggered any events or incidents in ATP?

Which two widgets can an Incident Responder use to isolate breached endpoints from the Incident details page? (Choose two.)

An ATP Administrator has deployed ATP: Network, Endpoint, and Email and now wants to ensure that all connections are properly secured.
Which connections should the administrator secure with signed SSL certificates?

Which SEP technologies are used by ATP to enforce the blacklisting of files?

Which level of privilege corresponds to each ATP account type?
Match the correct account type to the corresponding privileges.
Correct answer:

A medium-sized organization with 10,000 users at Site A and 20,000 users at Site B wants to use ATP: Network to scan internet traffic at both sites.
Which physical appliances should the organization use to act as a network scanner at each site while using the fewest appliances and assuming typical network usage?

While filling out the After Actions Report, an Incident Response Team noted that improved log monitoring could help detect future breaches.
What are two examples of how an organization can improve log monitoring to help detect future breaches? (Choose two.)

ATP detects a threat phoning home to a command and control server and creates a new incident. The threat is NOT being detected by SEP, but the Incident Response team conducted an indicators of compromise (IOC) search for the machines that are contacting the malicious sites to gather more information.
Which step should the Incident Response team incorporate into their plan of action?

Which threat is an example of an Advanced Persistent Threat (APT)?

Which prerequisite is necessary to extend the ATP: Network solution service in order to correlate email detections?