250-561 Exam Details

  • Exam Code
    :250-561
  • Exam Name
    :Endpoint Security Complete - Administration R1
  • Certification
    :Symantec Certifications
  • Vendor
    :Symantec
  • Total Questions
    :70 Q&As
  • Last Updated
    :Jul 09, 2026

Symantec 250-561 Online Questions & Answers

  • Question 1:

    An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

    A. Apply a list control
    B. Apply a search rule
    C. Apply a list filter
    D. Apply a search modifier

  • Question 2:

    Which SEPM-generated element is required for an administrator to complete the enrollment of SEPM to the cloud console?

    A. Token
    B. SEPM password
    C. Certificate key pair
    D. SQL password

  • Question 3:

    Which two (2) options is an administrator able to use to prevent a file from being fasely detected? (Select two)

    A. Assign the file a SHA-256 cryptographic hash
    B. Add the file to a Whitelist policy
    C. Reduce the Intensive Protection setting of the Antimalware policy
    D. Register the file with Symantec's False Positive database
    E. Rename the file

  • Question 4:

    Which URL is responsible for notifying the SES agent that a policy change occurred in the cloud console?

    A. spoc.norton.com
    B. stnd-ipsg.crsi-symantec.com
    C. ent-shasta.rrs-symantec.com
    D. ocsp.digicert.com

  • Question 5:

    Which communication method is utilized within SES to achieve real-time management?

    A. Heartbeat
    B. Standard polling
    C. Push Notification
    D. Long polling

  • Question 6:

    What are the Exploit Mitigation security control's mitigation techniques designed to prevent?

    A. Packed file execution
    B. Misbehaving applications
    C. File-less attacks
    D. Rootkit downloads

  • Question 7:

    What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)

    A. Monthly
    B. Weekly
    C. Quarterly
    D. Bi-monthly

  • Question 8:

    An endpoint fails to retrieve content updates.

    Which URL should an administrator test in a browser to determine if the issue is network related?

    A. https://liveupdate.symantec,com/livetri.zi
    B. http://update.symantec.com/livetri.zip
    C. https://spocsymantec.com/livetri.zip
    D. https://update.symantec.com/livetri.zip

  • Question 9:

    Which security threat uses malicious code to destroy evidence, break systems, or encrypt data?

    A. Execution
    B. Persistence
    C. Impact
    D. Discovery

  • Question 10:

    Which alert rule category includes events that are generated about the cloud console?

    A. Security
    B. Diagnostic
    C. System
    D. Application Activity

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-561 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.