Broadcom 250-561 Exam Practice Test Instant Access

Question 1

An administrator suspects that several computers have become part of a botnet. What should the administrator do to detect botnet activity on the network?

AEnable the Command and Control Server Firewall

BAdd botnet related signatures to the IPS policy's Audit Signatures list

CEnable the IPS policy's Show notification on the device setting

DSet the Antimalware policy's Monitoring Level to 4

Answer : A

Question 2

Which term or expression is utilized when adversaries leverage existing tools in the environment?

Aopportunistic attack

Bscript kiddies

Cliving off the land

Dfile-less attack

Answer : B

Question 3

Which report template includes a summary of risk distribution by devices, users, and groups?

ADevice Integrity

BThreat Distribution

CComprehensive

DWeekly

Answer : B

Question 4

Which device page should an administrator view to track the progress of an issued device command?

ACommand Status

BCommand History

CRecent Activity

DActivity Update

Answer : C

Question 5

Which security threat uses malicious code to destroy evidence, break systems, or encrypt data?

AExecution

BPersistence

CImpact

DDiscovery

Answer : A

Question 6

An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.

What should the administrator do?

AAdd the file SHA1 to a blacklist policy

BIncrease the Antimalware policy Intensity to Level 5

CAdd the filename and SHA-256 hash to a Blacklist policy

DAdjust the Antimalware policy age and prevalence settings

Answer : D

Question 7

What does SES's advanced search feature provide when an administrator searches for a specific term?

AA search modifier dialog

BA search wizard dialog

CA suggested terms dialog

DA search summary dialog

Answer : A

Broadcom 250-561 Endpoint Security Complete - R1 Technical Specialist Exam Practice Test