New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Pass 250-441 Exam Guide

Page: 2 / 4
Total 96 questions

Administration of Symantec Advanced Threat Protection 3.0 Questions and Answers

Question 5

Which stage of an Advanced Persistent Threat (APT) attack do attackers send information back to the home base?

Options:

A.

Capture

B.

Incursion

C.

Discovery

D.

Exfiltration

Question 6

Which two questions can an Incident Responder answer when analyzing an incident in ATP? (Choose two.)

Options:

A.

Does the organization need to do a healthcheck in the environment?

B.

Are certain endpoints being repeatedly attacked?

C.

Is the organization being attacked by this external entity repeatedly?

D.

Do ports need to be blocked or opened on the firewall?

E.

Does a risk assessment need to happen in the environment?

Question 7

Which stage of an Advanced Persistent Threat (APT) attack do attackers map an organization’s defenses from the inside?

Options:

A.

Discovery

B.

Capture

C.

Exfiltration

D.

Incursion

Question 8

What is a benefit of using Microsoft SQL as the Symantec Endpoint Protection Manager (SEPM) database in regard to ATP?

Options:

A.

It allows for Microsoft Incident Responders to assist in remediation

B.

ATP can access the database using a log collector on the SEPM host

C.

It allows for Symantec Incident Responders to assist in remediation

D.

ATP can access the database without any special host system requirements

Page: 2 / 4
Total 96 questions