Multiple Choice
Why is it important for an Incident Responder to copy malicious files to the ATP file store or create an image of the infected system during the Recovery phase?
A) To have a copy of the file policy enforcement
B) To test the effectiveness of the current assigned policy settings in the Symantec Endpoint Protection Manager (SEPM)
C) To create custom IPS signatures
D) To document and preserve any pieces of evidence associated with the incident
Correct Answer:
Verified
Correct Answer:
Verified
Q155: How does an attacker use a zero-day
Q156: You have designed a tiered storage environment
Q157: An ATP Administrator set up ATP: Network
Q158: While working under VxVM control, you discover
Q159: What is the primary benefit of using
Q161: In which type of physical deployment does
Q162: An administrator is tasked with implementing an
Q163: An administrator is applying a newly created
Q164: Which two non-Symantec methods for restricting traffic
Q165: What is the primary vector for the