Symantec Related Exams
250-441 Exam
Which best practice does Symantec recommend with the Endpoint Detection and Response feature?
An Incident Responder needs to remediate a group of endpoints but also wants to copy a potentially suspicious file to the ATP file store.
In which scenario should the Incident Responder copy a suspicious file to the ATP file store?