Multiple Choice
An Incident Responder wants to create a timeline for a recent incident using Syslog in addition to ATP for the After Actions Report. What are two reasons the responder should analyze the information using Syslog? (Choose two.)
A) To have less raw data to analyze
B) To evaluate the data, including information from other systems
C) To access expanded historical data
D) To determine what policy settings to modify in the Symantec Endpoint Protection Manager (SEPM)
E) To determine the best cleanup method
Correct Answer:
Verified
Correct Answer:
Verified
Q234: An incident responder needs to change the
Q235: Which Email Security.cloud scanning technology is able
Q236: Which two (2) plug-ins are used by
Q237: Which three are the database agents that
Q238: What is the minimum amount of RAM
Q240: On your Storage Foundation 5.0 server, a
Q241: Which two widgets can an Incident Responder
Q242: The chief information security officer (CISO) is
Q243: A network administrator needs to be notified
Q244: What does a Quarantine Firewall policy enable