Which endpoint detection method allows for information about triggered processes to be displayed in ATP?
Which prerequisite is necessary to extend the ATP: Network solution service in order to correlate email detections?
What are the prerequisite products needed when deploying ATP: Endpoint, Network, and Email?
An organization recently deployed ATP and integrated it with the existing SEP environment. During an outbreak, the Incident Response team used ATP to isolate several infected endpoints. However, one of the endpoints could NOT be isolated.
Which SEP protection technology is required in order to use the Isolate and Rejoin features in ATP?
Which two widgets can an Incident Responder use to isolate breached endpoints from the Incident details page? (Choose two.)
An Incident Responder discovers an incident where all systems are infected with a file that has the same name and different hash. As a result, the organism view has multiple entries for the malicious file.
What is causing this issue?
Which SEP technology does an Incident Responder need to enable in order to enforce blacklisting on an endpoint?
How should an ATP Administrator configure Endpoint Detection and Response according to Symantec best practices for a SEP environment with more than one domain?
Why is it important for an Incident Responder to analyze an incident during the Recovery phase?
What impact does changing from Inline Block to SPAN/TAP mode have on blacklisting in ATP?