Broadcom Endpoint Security Complete Technical Specialist Exam Syllabus

Use this quick start guide to collect all the information about the Broadcom Endpoint Security Complete Technical Specialist (250-580) certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the 250-580 Symantec Endpoint Security Complete - R2 Technical Specialist exam. The Sample Questions will help you identify the type and difficulty level of the questions, and the Practice Exams will make you familiar with the format and environment of the exam. You should refer to this guide carefully before attempting your actual Broadcom Endpoint Security Complete Technical Specialist certification exam.

The Broadcom Endpoint Security Complete Technical Specialist certification is mainly targeted at candidates who want to build their career in the Endpoint Security domain. The Broadcom Endpoint Security Complete - R2 Technical Specialist exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of Broadcom Endpoint Security Complete Technical Specialist.

Broadcom Endpoint Security Complete Technical Specialist Exam Summary:

Exam Name: Broadcom Endpoint Security Complete - R2 Technical Specialist
Exam Code: 250-580
Exam Price: $250 (USD)
Duration: 180 mins
Number of Questions: 150
Passing Score: 70%
Books / Training:
- Endpoint Protection 14.x Administration R1
- Endpoint Protection 14.2 Maintain and Troubleshoot
- Endpoint Detection and Response 4.x Planning, Implementation and Administration R1
Schedule Exam: Broadcom
Sample Questions: Broadcom Endpoint Security Complete Technical Specialist Sample Questions
Practice Exam: Broadcom 250-580 Certification Practice Exam

Broadcom 250-580 Exam Syllabus Topics:

Topic Details

Introduction to Symantec Endpoint Security Complete
- Understand SES Complete Architecture.
- Describe the benefits of SES Complete Cloud-based management.
- Describe the various methods for enrolling SES endpoint agents.

Configuring SES Complete Security Controls
- Understand how policies are used to protect endpoint devices.
- Understand the Threat landscape and the MITRE ATT&CK Framework.
- Describe how SES Complete can be used in preventing an attacker from accessing the environment.
- Describe how SES Complete prevents threat execution.
- Describe how SES Complete prevents threat persistence.
- Describe how SES Complete prevents privilege escalation.
- Describe how SES Complete prevents defense evasion.
- Describe how SES Complete prevents device discovery.
- Describe how SES Complete blocks Command & Control communication.
- Describe how SES Complete works to block data exfiltration.
- Describe SES Complete content update types and how they are distributed to endpoints.
- Describe SES Complete policy versioning and its use.

Responding to Threats with ICDm
- Describe the ICDm security control dashboards and their use.
- Understand how ICDm is used to identify threats in the environment.
- Describe the incident lifecycle and steps required to identify a threat.
- Describe the ways in which ICDm can be used to remediate threats.
- Describe how to use ICDm to configure administrative reports.

Endpoint Detection and Response
- Describe the requirements to enable Endpoint Detection and Response in the ICDm management console.
- Describe how EDR assists in identifying suspicious and malicious activity.
- Describe how EDR aids in investigating potential threats.
- Describe the configuration and use of the Endpoint Activity Recorder.
- Understand the use of LiveShell for incident response.
- Describe how to use EDR to retrieve and submit files for analysis.
- Describe how EDR can be used to quarantine endpoint devices.
- Describe how EDR can be used to block and quarantine suspicious files.

Attack Surface Reduction
- Describe Behavior Prevalence and the use of the SES Complete Behavioral Insights and Policy Tuning Widget.
- Describe how the SES Complete Heatmap can be used to prevent unwanted application behaviors.
- Describe SES Complete policy adaptations and behavioral tuning.
- Describe the SES Complete policy and device groups and how they are used.
- Describe the requirements to enable App Control in the ICDm management console.
- Describe the process of monitoring drift to further tune App Control policies.

Mobile and Modern Device Security
- Describe the requirements to enable Network Integrity in the ICDm management console.
- Describe Network Integrity Policy Configuration and its use.
- Describe how Network Integrity works to remediate threats.
- Describe how SES Complete's mobile technologies protect against malicious apps.
- Describe how SES Complete's mobile technologies protect against malicious networks.

Threat Defense for Active Directory
- Describe the requirements for Threat Defense for Active Directory Installation and Configuration.
- Describe the Threat Defense Active Directory policy and its use.
- Describe how Threat Defense for Active Directory is used to identify threats.
- Describe how Threat Defense for Active Directory protects against misconfigurations and vulnerabilities in an environment.

Working with a Hybrid Environment
- Describe the process for policy migration from SEPM to the ICDm console.
- Describe policy precedence in a hybrid configuration.
- Understand how Sites and Replication are impacted in a Hybrid environment.
- Describe the requirements and process for SEPM integration with the ICDm platform used in a SES Complete Hybrid architecture.

Architecting and Sizing the SEP Implementation
- Describe the Symantec Endpoint Protection components
- Determine proper placement for GUP, SEPM, and LUA for communication and content deployment

Preventing File-Based Attacks with SEP Layered Security
- Explain common threats and security risks to the endpoint

Managing Client Architecture and Active Directory Integration
- Explain how policies and concepts relate to the Symantec Endpoint Protection architecture
- Describe how to configure communication, general, and security settings

Managing Client-to-Server Communication
- Identify how to verify client connectivity and find clients in the console

Introducing Content Updates Using LiveUpdate
- Describe how to configure LiveUpdate policies

Managing Security Exceptions
- Describe when and how to configure exceptions
- Explain the remediation actions for infected files

Preventing Attacks with SEP Layered Security
- Describe how protection technologies interact and their dependencies
- Describe how to customize Firewall, Intrusion Prevention and Application and Device Control policies

Securing Windows Clients
- Describe how to configure scheduled and on-demand scans
- Describe how to configure Auto-Protect for file systems/email clients
- Describe how to configure Insight and Download Insight
- Describe how to configure SONAR

Protecting Against Network Attacks and Enforcing Corporate Policies using the Firewall Policy
- Describe how to configure the Firewall policy

Blocking Network Threats with Intrusion Prevention
- Describe how to configure Intrusion Prevention policies

Controlling Application and File Access and Restricting Device Access for Windows and Mac Clients
- Describe how to configure Application and Device Control policies

Installing the Symantec Endpoint Protection Manager
- Explain when to install additional Symantec Endpoint Protection Managers and sites

Managing Replication and Failover
- Describe how to edit server and site properties

Benefiting from a SEPM Disaster Recovery Plan
- Explain the procedures for Symantec Endpoint Protection database management, backup, restore and Symantec Endpoint Protection disaster recovery

Monitoring the Environment and Responding to Threats
- Describe how to create, view, and manage notifications

Managing Console Access and Delegating Authority
- Describe how to manage administrator accounts and delegation of roles

Endpoint Detection and Response - Architecting and Sizing
- Given a scenario, demonstrate knowledge of SEDR Architecture and Sizing considerations.
- Describe the capabilities and functions of Symantec EDR.

Implementation
- Given a scenario, define the discrete components found within SEDR.
- Describe installation prerequisites, minimum solution configuration and installation procedures required to identify threats.

Detecting Threats
- Describe installation prerequisites, minimum solution configuration and installation procedures required to identify threats.
- Describe the challenges faced when threat hunting in the environment and their resultant business objectives.

Investigating Threats
- Describe the methods used to identify evidence of suspicious and malicious activity.
- Describe the various types of Indicators of Compromise (IoC) found in a typical environment.
- Describe the methods used to search for IOCs using SEDR.

Responding to Threats
- Describe the methods SEDR uses to respond to threats in a typical environment.
- Describe installation prerequisites, minimum solution configuration and installation procedures required to isolate threats.

Reporting on Threats
- Describe the methods used to create post incident reports and the benefits to forensic analysis it provides.
- Given a scenario, determine the appropriate method to create a post incident report using SEDR.

To ensure success in the Broadcom Endpoint Security Complete Technical Specialist certification exam, we recommend an authorized training course, practice tests and hands-on experience to prepare for the Symantec Endpoint Security Complete - R2 Technical Specialist (250-580) exam.
