Decide Fast & Get 50% Flat Discount | Limited Time Offer - Ends In 0d 00h 00m 00s Coupon code: SAVE50

Master Broadcom 250-580 Exam with Reliable Practice Questions

Page: 1 out of Viewing questions 1-5 out of 150 questions
Last exam update: Nov 19,2024
Upgrade to Premium
Question 1

What methods should an administrator utilize to restore communication on a client running SEP for Mac?


Correct : A

To restore communication on a client running Symantec Endpoint Protection (SEP) for Mac, an administrator should use the Client Deployment Wizard to push out a communications package. This package re-establishes communication settings with the Symantec Endpoint Protection Manager (SEPM), ensuring the client can connect to the management server.

Why Use Client Deployment Wizard:

The Client Deployment Wizard allows administrators to deploy the communication settings (Sylink.xml) needed for the SEP client to reconnect to SEPM, re-establishing proper communication channels.

Why Other Options Are Less Suitable:

Sylink Drop Tool (Option B) is primarily used on Windows, not macOS.

SSH command (Option C) is not relevant for restoring SEPM communication settings.

Third-Party Deployment (Option D) is unnecessary when the Client Deployment Wizard is available.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 2

Which technique randomizes the memory address map with Memory Exploit Mitigation?


Correct : C

ASLR (Address Space Layout Randomization) is a security technique used in Memory Exploit Mitigation that randomizes the memory address map for processes. By placing key data areas at random locations in memory, ASLR makes it more difficult for attackers to predict the locations of specific functions or buffers, thus preventing exploitation techniques that rely on fixed memory addresses.

How ASLR Enhances Security:

ASLR rearranges the location of executable code, heap, stack, and libraries each time a program is run, thwarting attacks that depend on known memory locations.

Why Other Options Are Incorrect:

ForceDEP (Option A) enforces Data Execution Prevention but does not randomize addresses.

SEHOP (Option B) mitigates exploits by protecting exception handling but does not involve address randomization.

ROPHEAP (Option D) refers to Return-Oriented Programming attacks rather than a mitigation technique.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 3

Which default role has the most limited permission in the Integrated Cyber Defense Manager?


Correct : C

The Restricted Administrator role in the Integrated Cyber Defense Manager (ICDm) has the most limited permissions among the default roles. This role is intended for users who need access to basic functionality without any critical or high-level administrative capabilities, ensuring a lower risk of accidental or unauthorized changes.

Role of Restricted Administrator:

Restricted Administrators have highly constrained access, typically limited to viewing specific information and performing minimal actions.

Why Other Roles Are Incorrect:

Endpoint Console Domain Administrator (Option A) and Server Administrator (Option B) have broader permissions to manage endpoint settings and server configurations.

Limited Administrator (Option D) has more permissions than Restricted Administrator, though still not full access.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 4

Where in the Attack Chain does Threat Defense for Active Directory provide protection?


Correct : A

Threat Defense for Active Directory (TDAD) provides protection primarily at the Attack Surface Reduction stage in the Attack Chain. TDAD focuses on minimizing the exposure of Active Directory by deploying deceptive measures, such as honeypots and decoy objects, which limit the opportunities for attackers to exploit AD vulnerabilities or gather useful information. By reducing the visible attack surface, TDAD makes it more difficult for attackers to successfully initiate or escalate attacks within the AD environment.

Function of Attack Surface Reduction:

Attack Surface Reduction involves implementing controls and deceptive elements that obscure or complicate access paths for potential attackers.

TDAD's deception techniques and controls help divert and confuse attackers, preventing them from finding or exploiting AD-related assets.

Why Other Options Are Incorrect:

Attack Prevention (Option B) and Detection and Response (Option C) occur later in the chain, focusing on mitigating and reacting to detected threats.

Breach Prevention (Option D) encompasses a broader strategy and does not specifically address TDAD's role in reducing AD exposure.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500
Question 5

What does the MITRE ATT&CK Matrix consist of?


Correct : C

The MITRE ATT&CK Matrix consists of Tactics and Techniques. Tactics represent the 'why' or goals behind each step of an attack, while Techniques represent the 'how,' describing the specific methods adversaries use to achieve their objectives. Together, they form a comprehensive framework for understanding and categorizing attacker behavior.

Structure of the MITRE ATT&CK Matrix:

Tactics: High-level objectives attackers seek to achieve (e.g., initial access, execution, persistence).

Techniques: Specific methods used to accomplish each tactic (e.g., phishing, credential dumping).

Why Other Options Are Incorrect:

Problems and Solutions (Option A) do not capture the functional structure of ATT&CK.

Attackers and Techniques (Option B) lacks the tactics component.

Entities and Tactics (Option D) does not describe ATT&CK's approach to categorizing attacker actions.


Options Selected by Other Users:
Mark Question:

Start a Discussions

Submit Your Answer:
0 / 1500