In which phase of MITRE framework would attackers exploit faults in software to directly tamper with system memory?
A. Exfiltration
B. Discovery
C. Execution
D. Defense Evasion
Files are blocked by hash in the blacklist policy.
Which algorithm is supported, in addition to MD5?
A. SHA256
B. SHA256 "salted"
C. MD5 "Salted"
D. SHA2
After editing and saving a policy, an administrator is prompted with the option to apply the edited policy to any assigned device groups.
What happens to the new version of the policy if the administrator declines the option to apply it?
A. The policy display is returned to edit mode
B. The new version of the policy is deleted
C. An unassigned version of the policy is created
D. The new version of the policy is added to the "in progress" list
What does SES's advanced search feature provide when an administrator searches for a specific term?
A. A search modifier dialog
B. A search wizard dialog
C. A suggested terms dialog
D. A search summary dialog
Which device page should an administrator view to track the progress of an issued device command?
A. Command Status
B. Command History
C. Recent Activity
D. Activity Update
What must an administrator check prior to enrolling an on-prem SEPM infrastructure into the cloud?
A. Clients are running SEP 14.2 or later
B. Clients are running SEP 14.1.0 or later
C. Clients are running SEP 12-6 or later
D. Clients are running SEP 14.0.1 or late
Which type of organization is likely to be targeted with emerging threats?
A. Small organization with externalized managed security
B. Large organizations with dedicated security teams
C. Large organization with high turnover
D. Small organization with little qualified staff
Which two (2) steps should an administrator take to guard against re-occurring threats? (Select two)
A. Confirm that daily active and weekly full scans take place on all endpoints
B. Verify that all endpoints receive scheduled Live-Update content
C. Use Power Eraser to clean endpoint Windows registries
D. Add endpoints to a high security group and assign a restrictive Antimalware policy to the group
E. Quarantine affected endpoints
Which Firewall Stealth setting prevents OS fingerprinting by sending erroneous OS information back to the attacker?
A. Disable OS fingerprint profiling
B. Disable OS fingerprint detection
C. Enable OS fingerprint masqueradi
D. Enable OS fingerprint protection
An administrator is evaluating an organization's computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?
A. A computer running Mac OS X 10.8 with 500 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
B. A computer running Mac OS X 10.14 with 400 MB of disk space, 4 GB of RAM, and an Intel Core 2 Duo 64-bit processor
C. A computer running Windows 10 with 400 MB of disk space, 2 GB of RAM, and a 2.4 GHz Intel Pentium 4 processor
D. A computer running Windows 8 with 380 MB of disk space, 2 GB of RAM, and a 2.8 GHz Intel Pentium 4 processor
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-561 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.