250-441 Symantec Administration of Symantec Advanced Threat Protection 3.0 exact Exam Questions

Administration of Symantec Advanced Threat Protection 3.0

Last Update 19 hours ago Total Questions : 96

The Administration of Symantec Advanced Threat Protection 3.0 content is now fully updated, with all current exam questions added 19 hours ago. Deciding to include 250-441 practice exam questions in your study plan goes far beyond basic test preparation.

You'll find that our 250-441 exam questions frequently feature detailed scenarios and practical problem-solving exercises that directly mirror industry challenges. Engaging with these 250-441 sample sets allows you to effectively manage your time and pace yourself, giving you the ability to finish any Administration of Symantec Advanced Threat Protection 3.0 practice test comfortably within the allotted time.

Question # 4

An Incident Responder has reviewed a STIX report and now wants to ensure that their systems have NOT been compromised by any of the reported threats.

Which two objects in the STIX report will ATP search against? (Choose two.)

SHA-256 hash

MD5 hash

MAC address

SHA-1 hash

Registry entry

Question # 5

An Incident Responder needs to remediate a group of endpoints but also wants to copy a potentially suspicious file to the ATP file store.

In which scenario should the Incident Responder copy a suspicious file to the ATP file store?

The responder needs to analyze with Cynic

The responder needs to isolate it from the network

The responder needs to write firewall rules

The responder needs to add the file to a whitelist

Question # 6

During a recent virus outlook, an Incident found that the incident Response team was successful in identifying malicious that were communicating with the infected endpoint.

Which two (2) options should be incident Responder select to prevent endpoints from communicating with malicious domains?

Use the isolation command in ATP to move endpoint to quarantine network.

Blacklist suspicious domain in the ATP manager.

Deploy a high-Security antivirus and Antispyware policy in the Symantec Endpoint protection Manager (SEPM.)

Create a firewall rule in the Symantec Endpoints Protection Manager (SEPM) or perimeter firewall that blocks

traffic to the domain.

Run a full system scan on all endpoints

Question # 7

What occurs when an endpoint fails its Host Integrity check and is unable to remediate?

The endpoint automatically switches to using a Compliance location, where a Compliance policy is applied to the computer.

The endpoint automatically switches to using a System Lockdown location, where a System Lockdown

policy is applied to the computer.

The endpoint automatically switches to using a Host Integrity location, where a Host Integrity policy is

applied to the computer.

The endpoint automatically switches to using a Quarantine location, where a Quarantine policy is applied to the computer.

Question # 8

A large company has 150,000 endpoints with 12 SEP sites across the globe. The company now wants to

implement ATP: Endpoint to improve their security. However, a consultant recently explained that the company needs to implement more than one ATP manager.

Why does the company need more than one ATP manager?

An ATP manager can only connect to a SQL backend

An ATP manager can only support 30,000 SEP clients

An ATP manager can only support 10 SEP site connections.

An ATP manager needs to be installed at each location where a Symantec Endpoint Protection Manager (SEPM) is located.