Broadcom 250-580 Practice Exams
Last updated on Jun 12, 2025
- Exam Code: 250-580
- Exam Name: Endpoint Security Complete - R2 Technical Specialist
- Certification Provider: Broadcom
What tool can administrators use to create custom behavioral isolation policies based on collected application behavior data?
- A . Behavioral Prevalence Check
- B . Behavioral Heat Map
- C . Application Catalog
- D . Application Frequency Map
An organization recently experienced an outbreak and is conducting a health check of the environment.
What Protection Technology can the SEP team enable to control and monitor the behavior of applications?
- A . Host Integrity
- B . System Lockdown
- C . Application Control
- D . Behavior Monitoring (SONAR)
What are the two (2) locations where an Incident Responder should gather data for an After Actions Report in SEDR? (Select two)
- A . Incident Manager
- B . Policies
- C . Syslog
- D . Action Manager
- E . Endpoint Search
What is the maximum number of SEPMs a single Management Platform is able to connect to?
- A . 50
- B . 10
- C . 5,000
- D . 500
What must be entered before downloading a file from ICDm?
- A . Name
- B . Password
- C . Hash
- D . Date
A user is unknowingly about to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the client’s system.
In which feature set order must the threat pass through to successfully infect the system?
- A . Download Insight, Firewall, IPS
- B . Firewall, IPS, Download Insight
- C . IPS, Firewall, Download Insight
- D . Download Insight, IPS, Firewall
What Threat Defense for Active Directory feature disables a process’s ability to spawn another process, overwrite a part of memory, run recon commands, or communicate to the network?
- A . Process Mitigation
- B . Process Protection
- C . Memory Analysis
- D . Threat Monitoring
Which EDR feature is used to search for real-time indicators of compromise?
- A . Domain search
- B . Endpoint search
- C . Cloud Database search
- D . Device Group search
Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?
- A . Decreasing the number of content revisions to keep
- B . Lowering the client installation log entries
- C . Rebuilding database indexes
- D . Limiting the number of backups to keep
Which statement demonstrates how Symantec EDR hunts and detects IoCs in the environment?
- A . Searching the EDR database and multiple data sources directly
- B . Viewing PowerShell processes
- C . Detecting Memory Exploits in conjunction with SEP
- D . Detonating suspicious files using cloud-based or on-premises sandboxing