Which SEP technologies are used by ATP to enforce the blacklisting of files?

Options: Application and Device Control; SONAR and Bloodhound; System Lockdown and Download Insight; Intrusion Prevention and Browser Intrusion Prevention. Correct Answer: The …

Which stage of an Advanced Persistent Threat (APT) attack do attackers map an organization’s defenses from the inside?

Options: Discovery; Capture; Exfiltration; Incursion. Correct Answer: The Correct Answer for this …

Which syntax should the responder use?

Options: hostname like “SYM”; hostname “SYM”; hostname “SYM*”; hostname like “SYM*”. Correct Answer: hostname like “SYM”. Explanation: The Question – Which syntax should the responder use? has been answered …

What does a Quarantine Firewall policy enable an ATP Administrator to do?

Options: Isolate a computer while it is manually being remediated; Submit files to a Central Quarantine server; Filter all traffic leaving the network; Intercept …

Which attribute is required when configuring the Symantec Endpoint Protection Manager (SEPM) Log Collector?

Options: SEPM embedded database name; SEPM embedded database type; SEPM embedded database version; SEPM embedded database password. Correct Answer: The …

What is the role of Vantage within the Advanced Threat Protection (ATP) solution?

Options: Network detection component; Event correlation; Reputation-based security; Detonation/sandbox. Correct Answer: Network detection component. Explanation …

Which Advanced Threat Protection (ATP) component best isolates an infected computer from the network?

Options: ATP: Email; ATP: Endpoint; ATP: Network; ATP: Roaming. Correct Answer: ATP: Endpoint …

What is the role of Cynic within the Advanced Threat Protection (ATP) solution?

Options: Reputation-based security; Event correlation; Network detection component; Detonation/sandbox. Correct Answer: Detonation/sandbox. Explanation: The Question …

Why is it important for an Incident Responder to review Related Incidents and Events when analyzing an incident for an After Actions Report?

Options: It …