During a recent virus outbreak, an Incident Responder found that the Incident Response team was successful in identifying malicious domains that were communicating with the infected endpoints. Which two options should the Incident Responder select to prevent endpoints from communicating with malicious domains? (Select two.)
A) Use the isolate command in ATP to move all endpoints to a quarantine network.
B) Blacklist suspicious domains in the ATP manager.
C) Deploy a High-Security Antivirus and Antispyware policy in the Symantec Endpoint Protection Manager (SEPM) .
D) Create a firewall rule in the Symantec Endpoint Protection Manager (SEPM) or perimeter firewall that blocks traffic to the domain.
E) Run a full system scan on all endpoints.
Correct Answer:
Verified
Q97: Malware is currently spreading through an organization's
Q98: Which default port does ATP use to
Q99: A medium-sized organization with 10,000 users at
Q100: What is the role of Vantage within
Q101: An Incident Responder added a file's MD5
Q103: Which two non-Symantec methods for restricting traffic
Q104: In which scenario should an Incident Responder
Q105: An organization is considering an ATP: Endpoint
Q106: An ATP administrator is setting up an
Q107: ATP detects a threat phoning home to
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents