Symantec 250-580 Actual Free Exam Questions & Community Discussion

A company uses a remote administration tool that is detected as Hacktool.KeyLoggPro and quarantined by Symantec Endpoint Protection (SEP).
Which step can an administrator perform to continue using the remote administration tool without detection by SEP?

Which SES feature helps administrators apply policies based on specific endpoint profiles?

Which term or expression is utilized when adversaries leverage existing tools in the environment?

How would an administrator specify which remote consoles and servers have access to the management server?

What is the purpose of a Threat Defense for Active Directory Deceptive Account?

What SEP feature is leveraged when configuring custom IPS?

When a SEPM is enrolled in ICDm, which policy can only be managed from the cloud?

The SES Intrusion Prevention System has blocked an intruder's attempt to establish an IRC connection inside the firewall. Which Advanced Firewall Protection setting should an administrator enable to prevent the intruder's system from communicating with the network after the IPS detection?

An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto- Protect. The administrator assigns the policy and the client systems apply the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled on the client system.
Which action should the administrator take to ensure that the desired setting is in place for the client?

Which security control is complementary to IPS, providing a second layer of protection against network attacks?

Which SEP feature is required for using the SEDR Isolate function?