A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.
Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the behavior and kills Acrobat?
A. SONAR
B. Sapient
C. IPS
D. Emulator
Which alert rule category includes events that are generated about the cloud console?
A. Security
B. Diagnostic
C. System
D. Application Activity
In the ICDm, administrators are assisted by the My Task view. Which automation type creates the tasks within the console?
A. Artificial Intelligence
B. Machine Learning
C. Advanced Machine Learning
D. Administrator defined rules
What is the frequency of feature updates with SES and the Integrated Cyber Defense Manager (ICDm)
A. Monthly
B. Weekly
C. Quarterly
D. Bi-monthly
An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?
A. Apply a list control
B. Apply a search rule
C. Apply a list filter
D. Apply a search modifier
What characterizes an emerging threat in comparison to traditional threat?
A. Emerging threats use new techniques and 0-day vulnerability to propagate.
B. Emerging threats requires artificial intelligence to be detected.
C. Emerging threats are undetectable by signature based engines.
D. Emerging threats are more sophisticated than traditional threats.
Which technique randomizes the e memory address map with Memory Exploit Mitigation?
A. SEHOP
B. ROPHEAP
C. ASLR
D. ForceDEP
What should an administrator know regarding the differences between a Domain and a Tenant in ICDm?
A. A tenant can contain multiple domains
B. A domain can contain multiple tenants
C. Each customer can have one domain and many tenant
D. Each customer can have one tenant and many domains
Which Anti-malware technology should an administrator utilize to expose the malicious nature of a file created with a custom packet?
A. Sandbox
B. SONAR
C. Reputation
D. Emulator
An administrator must create a custom role in ICDm.
Which area of the management console is able to have access restricted or granted?
A. Policy Management
B. Hybrid device management
C. Agent deployment
D. Custom Dashboard Creation
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-561 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.