Broadcom 250-441 Exam Questions

Status: RETIRED
Exam Name: Administration of Symantec Advanced Threat Protection 3.0
Exam Code: 250-441
Related Certification(s): Broadcom Symantec Certified Specialist Certification
Certification Provider: Broadcom
Number of 250-441 practice questions in our database: 96 (updated: 06-12-2019)
Expected 250-441 Exam Topics, as suggested by Broadcom:
  • Topic 1: Describe Advanced Persistent Threats (APTs), Including Components And Examples Of These Threats
  • Topic 2: Describe The Stages Of An Attack/ Describe The Best Practices For Protecting Your Organization
  • Topic 3: Describe The Use Cases For Each Of The Components That Make Up The ATP Platform
  • Topic 4: Given A Scenario, Determine The Appropriate Architecture And Sizing For An ATP Installation
  • Topic 5: Determine Where To Go To Collect The Information Needed (E.G., Dashboard, Incident Manager, Settings)
  • Topic 6: Describe The Three Account Types In ATP/ Describe The Prerequisites For ATP Email, Endpoint, And Network
  • Topic 7: Given A Scenario, Determine The Appropriate Global Setting Configurations/ Describe The Types Of Information That You Can Find In The Dashboard
  • Topic 8: Determine How To Configure Symantec Endpoint Protection (SEP) To Communicate With ATP
  • Topic 9: Determine The Appropriate Configuration Settings For ATP And SEP Detection And Response
  • Topic 10: Given A Scenario, Determine The Appropriate Steps To Take To Successfully Search For IOCs/ Describe The Various Types Of Events That ATP Detects
  • Topic 11: Given An Incident, Analyze The Incident And Determine Next Steps/ Describe The Different Types Of IOC Searches
  • Topic 12: Determine Where In The Dashboard To Go To View Recent Activity/Incidents, Determine How To Isolate Breached Endpoints
  • Topic 13: Determine Which Action To Take In Order To Remediate Malicious Files/ Describe The Process For Manually Submitting Files To Cynic For Analysis
  • Topic 14: Describe The ATP Communication Processes/ Given A Scenario, Determine How To Blacklist Suspicious Domains, URLs, And IP Addresses
  • Topic 15: Describe The Best Practices For Recovering From An Incident/ Given A Scenario, Describe How To Create An After Actions Report (AAR)
Free Broadcom 250-441 Exam Actual Questions

Note: Premium Questions for 250-441 were last updated on 06-12-2019 (see below)

Question #1

An organization has five (5) shops with a few endpoints and a large warehouse where 98% of all computers are located. The shops are connected to the warehouse using leased lines and access the internet through the warehouse network.

How should the organization deploy the network scanners to observe all inbound and outbound traffic based on Symantec best practices for Inline mode?

Correct Answer: D

Question #2

A customer has information about a malicious file that has NOT entered the network. The customer wants to know whether ATP is already aware of this threat without having to introduce a copy of the file to the infrastructure.

Which approach allows the customer to meet this need?

Correct Answer: C

Question #3

A network control point discovered a botnet phone-home attempt in the network stream.

Which detection method identified the event?

Correct Answer: C

Question #4

An organization recently deployed ATP and integrated it with the existing SEP environment. During an outbreak, the Incident Response team used ATP to isolate several infected endpoints. However, one of the endpoints could NOT be isolated.

Which SEP protection technology is required in order to use the Isolate and Rejoin features in ATP?

Correct Answer: B

Question #5

An Incident Responder observes an incident with multiple malware downloads from a malicious domain. The domain in question belongs to one of the organization's suppliers. The organization needs access to the site to continue placing orders. Network is configured in Inline Block mode.

How should the Incident Responder proceed?

Correct Answer: D

