Which access credentials does an ATP Administrator need to set up a deployment of ATP: Endpoint, Network and Email?
A. Credentials for the Symantec Endpoint Protection Manager (SEPM) database, and an administrator login for Symantec Messaging Gateway
B. Email Security.cloud credentials for email correlation, credentials for the Symantec Endpoint Protection Manager (SEPM) database, and a System Administrator login for the SEPM.
C. Active Directory login to the Symantec Endpoint Protection Manager (SEPM) database and an Email Security.cloud login with full access
D. Symantec Endpoint Protection Manager (SEPM) login and ATP: Email login with service permissions
Correct answer: B
Question 2:
Which best practice does Symantec recommend with the Endpoint Detection and Response feature?
A. Create a unique Cynic account to provide to ATP
B. Create a unique Symantec Endpoint Protection Manager (SEPM) administrator account to provide to ATP
C. Create a unique Symantec Messaging Gateway account to provide to ATP
D. Create a unique Email Security.cloud portal account to provide to ATP
Correct answer: B
Question 3:
In which scenario should an Incident Responder manually submit a file to the Cynic portal?
A. There is a file on a USB that an Incident Responder wants to analyze in a sandbox.
B. An Incident Responder is unable to remember the password to the .zip archive.
C. The file has generated multiple incidents in the ATP manager and an Incident Responder wants to blacklist the file.
D. The file is a legitimate application and an Incident Responder wants to report it to Symantec as a false positive.
Correct answer: D
Question 4:
In which stage of an Advanced Persistent Threat (APT) attack do attackers send information back to the home base?
A. Capture
B. Incursion
C. Discovery
D. Exfiltration
Correct answer: D
Question 5:
What occurs when an endpoint fails its Host Integrity check and is unable to remediate?
A. The endpoint automatically switches to using a Host Integrity location, where a Host Integrity policy is applied to the computer.
B. The endpoint automatically switches to using a Compliance location, where a Compliance policy is applied to the computer.
C. The endpoint automatically switches to using a Quarantine location, where a Quarantine policy is applied to the computer.
D. The endpoint automatically switches to using a System Lockdown location, where a System Lockdown policy is applied to the computer.
Correct answer: C
Question 6:
Which final steps should an Incident Responder take before using ATP to rejoin a remediated endpoint to the network, according to Symantec best practices?
A. Run Windows Update to patch the system with the latest service pack. Once the system is up-to-date, rejoin the computer to the production network.
B. Run an additional antivirus scan with the latest definitions. If the scan comes back as clean, rejoin the computer to the production network.
C. Use SymDiag to run a Threat Scan Analysis on the machine. Once the analysis comes back as clean, rejoin the computer to the production network.
D. Upgrade the client to the latest version of SEP. Once the client is upgraded, rejoin the computer to the production network.
Correct answer: D
Question 7:
A large company has 150,000 endpoints with 12 SEP sites across the globe. The company now wants to implement ATP: Endpoint to improve their security. However, a consultant recently explained that the company needs to implement more than one ATP manager.
Why does the company need more than one ATP manager?
A. An ATP manager needs to be installed at each location where a Symantec Endpoint Protection Manager (SEPM) is located.
B. An ATP manager can only support 30,000 SEP clients
C. An ATP manager can only connect to a SQL backend
D. An ATP manager can only support 10 SEP site connections.
Correct answer: A
乃生** -
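The hit rate for 250-441 was almost too good to be true. Thank you. I have already purchased the question set for 250-586, which I want to take next. It looks like I will get a good result this time too.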