Free Symantec 250-580 Practice Test & Real Exam Questions

Which action is provided by Symantec EDR for the rapid remediation of impacted endpoints?

Administrators at a company share a single terminal for configuring Symantec Endpoint Protection. The administrators want to ensure that each administrator using the console is forced to authenticate using their individual credentials. They are concerned that administrators may forget to log off the terminal, which would easily allow others to gain access to the Symantec Endpoint Protection Manager (SEPM) console.
Which setting should the administrator disable to minimize the risk of non-authorized users logging into the SEPM console?

Why is it important for an Incident Responder to search for suspicious registry and system file changes when threat hunting?

What does the MITRE ATT&CK Matrix consist of?

What prevention technique does Threat Defense for Active Directory use to expose attackers?

An organization recently experienced an outbreak and is conducting a health check of the environment. What Protection Technology can the SEP team enable to control and monitor the behavior of applications?

Which Discover and Deploy process requires the LocalAccountTokenFilterPolicy value to be added to the Windows registry of endpoints, before the process begins?

An organization is considering a single site for their Symantec Endpoint Protection environment. What are two (2) reasons that the organization should consider? (Select two)

An administrator is investigating a possible threat that occurs during the Windows startup. A file is observed that is NOT digitally signed by Microsoft. Which Anti-malware feature should the administrator enable to scan this file for threats?

What tool can administrators use to create custom behavioral isolation policies based on collected application behavior data?

A company allows users to create firewall rules. During the course of business, users are accidentally adding rules that block a custom internal application.
Which steps should the Symantec Endpoint Protection administrator take to prevent users from blocking the custom application?

In what order should an administrator configure the integration between SEDR and Symantec Endpoint Protection in order to maximize their benefits?

A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list.
Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?

Which type of security threat continues to threaten endpoint security after a system reboot?