250-580 Exam Dumps : Endpoint Security Complete - R2 Technical Specialist

Calculating storage requirements for Symantec Endpoint Security (SES) involves gathering specific information related to data retention and event storage needs. The required information includes:

Number of Endpoints:Determines the scale of data to be managed.

EAR Data per Endpoint per Day:Refers to the Endpoint Activity Recorder (EAR) data generated by each endpoint daily, affecting storage usage.

Number of Days to Retain:Indicates the data retention period, which impacts the total volume of stored data.

Number of Endpoint Dumps and Dump Size:These parameters define the size and number of memory dumps, which are essential for forensic analysis and troubleshooting.

This information allows accurate calculation of storage needs, ensuring adequate capacity for logs, dumps, and activity data.

To improveSymantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy, an administrator canrebuild database indexes. Indexes help in organizing the database for faster data retrieval, which enhances both the speed of dashboard displays and the accuracy of reporting.

Effect of Rebuilding Database Indexes:

Rebuilding indexes optimizes the database’s performance by ensuring data is stored in an accessible and efficient manner. This directly impacts the responsiveness of the SEPM dashboard and improves reporting speed and accuracy.

Why Other Options Are Less Effective:

Decreasing content revisions(Option A) andlimiting backups(Option D) reduce disk usage but do not affect database performance.

Lowering client installation log entries(Option B) may reduce logging but does not directly improve dashboard performance.

References: Rebuilding database indexes is a standard maintenance task in SEPM to enhance dashboard and reporting performance​.

To integrateSymantec Endpoint Detection and Response (SEDR)withSymantec Endpoint Protection (SEP)effectively, the recommended configuration order isECC, Synapse, then Insight Proxy.

Order of Configuration:

ECC (Endpoint Communication Channel): This establishes the communication layer for SEDR and SEP integration, which is foundational for data exchange.

Synapse: This integration uses data from ECC to correlate threat intelligence and provide context to detected threats.

Insight Proxy: Configured last, Insight Proxy adds cloud-based file reputation lookups, enhancing detection capabilities with reputation scoring.

Why This Order is Effective:

Each component builds on the previous one, maximizing the value of integration by ensuring that foundational communication (ECC) is established before adding Synapse correlation and Insight Proxy reputation data.

References: Configuring ECC, Synapse, and Insight Proxy in this order is considered best practice for optimizing integration benefits between SEDR and SEP​.