
Symantec 250-428 Dumps

Page: 1 / 5
Total 135 questions

Administration of Symantec Endpoint Protection 14 Questions and Answers

Question 1

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.

What is the likely cause of the problem?

Options:

A. The application has been upgraded.
B. The Application and Device Control policy is in test mode.
C. A file exception has been added to the Exceptions policy.
D. The Application and Device Control policy is allowing the file to execute.

Question 2

Which Symantec Endpoint Protection component enables access to data through ad-hoc reports and charts with pivot tables?

Options:

A. Symantec Protection Center
B. Shared Insight Cache Server
C. Symantec Endpoint Protection Manager
D. IT Analytics

Question 3

In which two areas can host groups be used? (Select two.)

Options:

A. Locations
B. Download Insight
C. IPS
D. Application and Device Control
E. Firewall

Question 4

An administrator configures the scan duration for a scheduled scan. The scan fails to complete in the specified time period.

When will the next scheduled scan occur on the computer?

Options:

A. When the computer restarts
B. At the next scheduled scan period
C. Within the next hour
D. When the user restarts the scan

Question 5

Which protection technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?

Options:

A. Intrusion Prevention
B. Insight
C. Risk Tracer
D. SONAR

Question 6

How are Insight results stored?

Options:

A. Encrypted on the Symantec Endpoint Protection Client
B. Unencrypted on the Symantec Endpoint Protection Manager
C. Encrypted on the Symantec Endpoint Protection Manager
D. Unencrypted on the Symantec Endpoint Protection Client

Question 7

Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?

Options:

A. Rebuilding database indexes
B. Lowering the client installation log entries
C. Limiting the number of backups to keep
D. Decreasing the number of content revisions to keep

Question 8

A financial company enforces a security policy that prevents banking system workstations from connecting to the Internet.

Which Symantec Endpoint Protection technology is ineffective on this company's workstations?

Options:

A. Insight
B. Intrusion Prevention
C. Network Threat Protection
D. Browser Intrusion Prevention

Question 9

A managed service provider (MSP) is managing Symantec Endpoint Protection for a number of independent companies. Each company has administrators who will log in from time to time to add new clients. Administrators must be prevented from seeing the existence of other companies in the console.

What should an administrator create for each independent company?

Options:

A. Domain
B. Location
C. Group
D. Site

Question 10

An administrator reports that the Home, Monitors, and Report pages are absent in the Symantec Endpoint Protection Management console when the administrator logs on.

Which action should the administrator perform to correct the problem?

Options:

A. Grant the Administrator Full Access to Root group of the organization
B. Configure proxy settings for each server in the site
C. Configure External Logging to Enable Transmission of Logs to a Syslog Server
D. Grant View Reports permission to the administrator

Question 11

An administrator uses ClientSideClonePrepTool for cloning systems and for virtual machine deployment. What will the tool do when it is run on each system?

Options:

A. run Microsoft SysPrep and remove all AntiVirus/AntiSpyware definitions
B. disable Tamper Protect and deploy a Sylink.xml
C. add a new Extended File Attribute value to all existing files
D. remove unique Hardware IDs and GUIDs from the system

Question 12

The LiveUpdate Download Schedule is set to the default on the Symantec Endpoint Protection Manager (SEPM).

How many content revisions must the SEPM keep to ensure clients that check in to the SEPM every 10 days receive delta content packages instead of full content packages?

Options:

A. 10
B. 30
C. 20
D. 60

Question 13

Where can an administrator obtain the Sylink.xml file?

Options:

A. C:\Program Files\Symantec\Symantec Endpoint Protection\ folder on the client
B. C:\Program Files\Symantec\Symantec Endpoint Protection\Manager\data\inbox\agent\ folder on the Symantec Endpoint Protection Manager
C. by selecting the client group and exporting the communication settings in the Symantec Endpoint Protection Manager Console
D. by selecting the location and exporting the communication settings in the Symantec Endpoint Protection Manager Console

Question 14

You have executed the vxdg -g diskgroup adddisk disk_name= command.

Which switch needs to be added to force VxVM to take the disk media name of the failed disk and assign it to the new replacement disk?

Options:

A. -force
B. -k
C. -f
D. -assign

Question 15

When can an administrator add a new replication partner?

Options:

A. immediately following the first LiveUpdate session of the new site
B. during a Symantec Endpoint Protection Manager upgrade
C. during the initial install of the new site
D. immediately following a successful Active Directory sync

Question 16

What happens when the license expires in Symantec Endpoint Protection 14 Enterprise Edition?

Options:

A. Group Update Providers (GUP) stop
B. Symantec Insight is disabled
C. Content updates continue
D. LiveUpdate stops

Question 17

An organization has several remote locations with minimum bandwidth and would like to use a content distribution method that does NOT involve configuring an internal LiveUpdate server.

What content distribution method should be utilized?

Options:

A. External LiveUpdate
B. Management Server
C. Intelligent Updater
D. Group Update Provider

Question 18

Employees of an accounting company often take their notebooks to customer sites. The administrator needs to apply a different firewall policy when the notebooks are disconnected from the accounting company's network.

What must the administrator configure to use the two different policies?

Options:

A. Groups
B. Domains
C. Sites
D. Locations

Question 19

In the Virus and Spyware Protection policy, an administrator sets the First action to Clean risk and sets If first action fails to Delete risk.

Which two factors should the administrator consider? (Select two.)

Options:

A. The deleted file may still be in the Recycle Bin.
B. IT Analytics may keep a copy of the file for investigation.
C. False positives may delete legitimate files.
D. Insight may back up the file before sending it to Symantec.
E. A copy of the threat may still be in the quarantine.

Question 20

Which report should a SEP administrator use to verify that clients are connected to the management server?

Options:

A. Client Inventory
B. Client Online Status
C. Client Migration
D. Audit report
