NO.38 Which framework, open and available to any administrator, is utilized to categorize adversarial tactics and for each phase of a cyber attack?

NO.39 A user downloads and opens a PDF file with Adobe Acrobat. Unknown to the user, a hidden script in the file begins downloading a RAT.
Which Anti-malware engine recognizes that this behavior is inconsistent with normal Acrobat functionality, blocks the behavior and kills Acrobat?

NO.40 Which antimalware intensity level is defined by the following: “Blocks files that are most certainly bad or potentially bad files. Results in a comparable number of false positives and false negatives.”

NO.41 An administrator is evaluating an organization’s computers for an upcoming SES deployment. Which computer meets the pre-requisites for the SES client?

NO.42 The ICDm has generated a blacklist task due to malicious traffic detection. Which SES component was utilized to make that detection?

NO.43 Which device page should an administrator view to track the progress of an issued device command?

NO.44 Which two (2) Discovery and Deploy features could an administrator use to enroll MAC endpoints? (Select two)

NO.45 Which rule types should be at the bottom of the list when an administrator adds device control rules?

NO.46 An administrator learns of a potentially malicious file and wants to proactively prevent the file from ever being executed.
What should the administrator do?

NO.47 Which option should an administrator utilize to temporarily or permanently block a file?

NO.48 What option must an administrator choose when rolling back a policy assignment to a previous version?

NO.49 In the ICDm, administrators are assisted by the My Task view. Which automation type creates the tasks within the console?

NO.50 Which alert rule category includes events that are generated about the cloud console?

NO.51 An administrator selects the Discovered Items list in the ICDm to investigate a recent surge in suspicious file activity. What should an administrator do to display only high risk files?

NO.52 What are the Exploit Mitigation security control’s mitigation techniques designed to prevent?

NO.53 Which type of organization is likely to be targeted with emerging threats?

NO.54 Which default role has the most limited permission in the Integrated Cyber Defense Manager?

NO.55 Which term or expression is utilized when adversaries leverage existing tools in the environment?

NO.56 Which file should an administrator create, resulting Group Policy Object (GPO)?

NO.57 Why would an administrator choose the Server-optimized installation option when creating an installation package?