How can an Incident Responder generate events for a site that was identified as malicious but has NOT triggered any events or incidents in ATP?
A. Assign a High-Security Antivirus and Antispyware policy in the Symantec Endpoint Protection Manager (SEPM).
B. Run an indicators of compromise (IOC) search in ATP manager.
C. Create a firewall rule in the Symantec Endpoint Protection Manager (SEPM) or perimeter firewall that blocks traffic to the domain.
D. Add the site to a blacklist in ATP manager.
|
Download Printable PDF. VALID exam to help you PASS. |
 |