250-441 무료 덤프문제 온라인 액세스

An Incident Responder runs an endpoint search on a client group with 100 endpoints. After one day, the responder sees the results for 90 endpoints.
What is a possible reason for the search only returning results for 90 of 100 endpoints?

• A.The search expired after one hour
• B.The search returned 0 results on 10 endpoints
• C.10 endpoints are offline
• D.10 endpoints restarted and cancelled the search

An Incident Responder wants to run a database search that will list all client named starting with SYM.
Which syntax should the responder use?

• A.hostname like "SYM*"
• B.hostname "SYM"
• C.hostname "SYM*"
• D.hostname like "SYM"

An Incident Responder has reviewed a STIX report and now wants to ensure that their systems have NOT been compromised by any of the reported threats.
Which two objects in the STIX report will ATP search against? (Choose two.)

• A.SHA-1 hash
• B.MAC address
• C.Registry entry
• D.MD5 hash
• E.SHA-256 hash

Which prerequisite is necessary to extend the ATP: Network solution service in order to correlate email detections?

• A.Symantec Messaging Gateway
• B.Web security.cloud
• C.Skeptic
• D.Email Security.cloud

A large company has 150,000 endpoints with 12 SEP sites across the globe. The company now wants to implement ATP: Endpoint to improve their security. However, a consultant recently explained that the company needs to implement more than one ATP manager.
Why does the company need more than one ATP manager?

• A.An ATP manager can only connect to a SQL backend
• B.An ATP manager can only support 30,000 SEP clients
• C.An ATP manager can only support 10 SEP site connections.
• D.An ATP manager needs to be installed at each location where a Symantec Endpoint Protection Manager (SEPM) is located.