Spring Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. Symantec
  3. Symantec SCS Certification
  4. 250-561
  5. Endpoint Security Complete - Administration R1 Questions and Answers

250-561 Endpoint Security Complete - Administration R1 Questions and Answers

Questions 4

What happens when an administrator blacklists a file?

Options:

A.

The file is assigned to the Blacklist task list

B.

The file is automatically quarantined

C.

The file is assigned to a chosen Blacklist policy

D.

The file is assigned to the default Blacklist policy

Buy Now
Questions 5

In the ICDm, administrators are assisted by the My Task view. Which automation type creates the tasks within the console?

Options:

A.

Artificial Intelligence

B.

Machine Learning

C.

Advanced Machine Learning

D.

Administrator defined rules

Buy Now
Questions 6

Which IPS Signature type is Primarily used to identify specific unwanted traffic?

Options:

A.

Attack

B.

Probe

C.

Audit

D.

Malcode

Buy Now
Questions 7

A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.

Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the

behavior and kills Acrobat?

Options:

A.

SONAR

B.

Sapient

C.

IPS

D.

Emulator

Buy Now
Questions 8

Which type of security threat is used by attackers to exploit vulnerable applications?

Options:

A.

Lateral Movement

B.

Privilege Escalation

C.

Command and Control

D.

Credential Access

Buy Now
Questions 9

Which alert rule category includes events that are generated about the cloud console?

Options:

A.

Security

B.

Diagnostic

C.

System

D.

Application Activity

Buy Now
Questions 10

Which policy should an administrator edit to utilize the Symantec LiveUpdate server for pre-release content?

Options:

A.

The Firewall Policy

B.

The System Schedule Policy

C.

The System Policy

D.

The LiveUpdate Policy

Buy Now
Questions 11

An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.

What should the administrator do?

Options:

A.

Add the file SHA1 to a blacklist policy

B.

Increase the Antimalware policy Intensity to Level 5

C.

Add the filename and SHA-256 hash to a Blacklist policy

D.

Adjust the Antimalware policy age and prevalence settings

Buy Now
Questions 12

Which statement best describes Artificial Intelligence?

Options:

A.

A program that automates tasks with a static set of instructions

B.

A program that can predict when a task should be performed

C.

A program that is autonomous and needs training to perform a task

D.

A program that learns from experience and perform autonomous tasks

Buy Now
Questions 13

What version number is assigned to a duplicated policy?

Options:

A.

One

B.

Zero

C.

The original policy ' s number plus one

D.

The original policy ' s version numb

Buy Now
Questions 14

Which security control is complementary to IPS, providing a second layer of protection against network attacks?

Options:

A.

Host Integrity

B.

Antimalware

C.

Firewall

D.

Network Protection

Buy Now
Questions 15

Which two (2) steps should an administrator take to guard against re-occurring threats? (Select two)

Options:

A.

Confirm that daily active and weekly full scans take place on all endpoints

B.

Verify that all endpoints receive scheduled Live-Update content

C.

Use Power Eraser to clean endpoint Windows registries

D.

Add endpoints to a high security group and assign a restrictive Antimalware policy to the group

E.

Quarantine affected endpoints

Buy Now
Questions 16

Which URL is responsible for notifying the SES agent that a policy change occurred in the cloud console?

Options:

A.

spoc.norton.com

B.

stnd-ipsg.crsi-symantec.com

C.

ent-shasta.rrs-symantec.com

D.

ocsp.digicert.com

Buy Now
Questions 17

An endpoint fails to retrieve content updates.

Which URL should an administrator test in a browser to determine if the issue is network related?

Options:

A.

https://liveupdate.symantec,com/livetri.zi

B.

http://update.symantec.com/livetri.zip

C.

https://spocsymantec.com/livetri.zip

D.

https://update.symantec.com/livetri.zip

Buy Now
Questions 18

An administrator suspects that several computers have become part of a botnet. What should the administrator do to detect botnet activity on the network?

Options:

A.

Enable the Command and Control Server Firewall

B.

Add botnet related signatures to the IPS policy ' s Audit Signatures list

C.

Enable the IPS policy ' s Show notification on the device setting

D.

Set the Antimalware policy ' s Monitoring Level to 4

Buy Now
Questions 19

An endpoint is offline, and the administrator issues a scan command. What happens to the endpoint when it restarts, if it lacks connectivity?

Options:

A.

The system is scanning when started.

B.

The system downloads the content without scanning.

C.

The system starts without scanning.

D.

The system scans after the content update is downloaded.

Buy Now
Questions 20

Which statement best defines Machine Learning?

Options:

A.

A program that needs user input to perform a task.

B.

A program that teams from observing other programs.

C.

A program that learns from experience to optimize the output of a task.

D.

A program that require data to perform a task.

Buy Now
Questions 21

Which report template type should an administrator utilize to create a daily summary of network threats detected?

Options:

A.

Network Risk Report

B.

Blocked Threats Report

C.

Intrusion Prevention Report

D.

Access Violation Report

Buy Now
Exam Code: 250-561
Exam Name: Endpoint Security Complete - Administration R1
Last Update: May 18, 2026
Questions: 70

PDF + Testing Engine

$64.99  $185.69
buy now 250-561 pdf + testing engine

Testing Engine

$49.99  $142.83
buy now 250-561 testing engine

PDF (Q&A)

$54.99  $157.11
buy now 250-561 pdf