
Symantec 250-428 Administration of Symantec Endpoint Protection 14 Exam Practice Test

Page: 1 / 14
Total 135 questions

Administration of Symantec Endpoint Protection 14 Questions and Answers

Question 1

Which two criteria should an administrator use when defining Location Awareness for the Symantec Endpoint Protection (SEP) client? (Select two.)

Options:

A. NIC description
B. SEP domain
C. geographic location
D. WINS server
E. Network Speed

Question 2

Why does Power Eraser need Internet access?

Options:

A. Validate root certificates on all portable executables (PXE) files
B. Leverage Symantec Insight
C. Ensure the Power Eraser tool is the latest release
D. Look up CVE vulnerabilities

Question 3

Which settings can impact the Files trusted count?

Options:

A. System Lockdown Whitelist in the Application and Device Control Policy
B. File Cache settings in the Virus and Spyware Protection policy
C. Insight settings in the Virus and Spyware Protection policy
D. SONAR settings in the Virus and Spyware Protection policy

Question 4

A company has 10,000 Symantec Endpoint Protection (SEP) clients deployed using two Symantec Endpoint Protection Managers (SEPMs).

Which configuration is recommended to ensure that each SEPM is able to effectively handle the communications load with the SEP clients?

Options:

A. Pull mode
B. Push mode
C. Server control mode
D. Client control mode

Question 5

Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?

Options:

A. Rebuilding database indexes
B. Lowering the client installation log entries
C. Limiting the number of backups to keep
D. Decreasing the number of content revisions to keep

Question 6

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.

What is the most likely reason?

Options:

A. The server is in the IPS policy excluded hosts list.
B. The block rule is below the blue line.
C. Peer-to-peer authentication is allowing the traffic.
D. The server has an IPS exception for that traffic.

Question 7

Which two are policy types within the Symantec Endpoint Protection Manager? (Select two.)

Options:

A. Intrusion Prevention
B. Exceptions
C. Process Control
D. Shared Insight
E. Host Protection

Question 8

A company has a small number of systems in their Symantec Endpoint Protection Manager (SEPM) group with federal mandates that AntiVirus definitions undergo a two-week testing period. After being loaded on the client, the tested virus definitions must remain unchanged on the client systems until the next set of virus definitions has completed testing. All other clients must remain operational on the most recent definition sets. An internal LiveUpdate Server has been considered too expensive to be a solution for this company.

What should be modified on the SEPM to meet this mandate?

Options:

A. The LiveUpdate Content policy for this group should be modified to use a specific definition revision.
B. The LiveUpdate Settings policy for this group should be modified to use an Explicit Group Update Provider.
C. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 14.
D. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 1.

Question 9

An administrator is unknowingly trying to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the client’s system.

Drag and drop the technologies to the right side of the screen in the sequence necessary to block or detect the malicious file.

Options:

Question 10

A company needs to configure an Application and Device Control policy to block read/write access to all USB removable media on its Symantec Endpoint Protection (SEP) systems.

Which tool should an administrator use to format the GUID and device IDs as required by SEP?

Options:

A. CheckSum.exe
B. DevViewer.exe
C. TaskMgr.exe
D. DeviceTree.exe

Question 11

You have just started a relayout operation in a live test environment, and you want to limit the impact of your work on concurrent testing activities. You also want to accommodate the need to constrain a relayout job’s performance impact on concurrent activities.

What would you do to perform this task?

Options:

A. Use the "set iodelay" option of vxtask to throttle the VxVM task.
B. Use the "set iowait" option of vxtask to throttle the VxVM task.
C. Use the "set slow" option of vxtask to throttle the VxVM task.
D. Use the "set nice" option of vxtask to throttle the VxVM task.

Question 12

The LiveUpdate Download Schedule is set to the default on the Symantec Endpoint Protection Manager (SEPM).

How many content revisions must the SEPM keep to ensure clients that check in to the SEPM every 10 days receive delta content packages instead of full content packages?

Options:

A. 10
B. 30
C. 20
D. 60

Question 13

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.

What is the likely cause of the problem?

Options:

A. The application has been upgraded.
B. The Application and Device Control policy is in test mode.
C. A file exception has been added to the Exceptions policy.
D. The Application and Device Control policy is allowing the file to execute.

Question 14

Which two criteria can an administrator use to determine hosts in a host group? (Select two.)

Options:

A. Network Adapters
B. Network Services
C. Subnet
D. Application Protocol
E. DNS Domain

Question 15

Which Symantec Endpoint Protection technology blocks a downloaded program from installing browser plugins?

Options:

A. Intrusion Prevention
B. SONAR
C. Tamper Protection
D. Application and Device Control

Question 16

Which two criteria are used by Symantec Insight to evaluate binary executables? (Select two.)

Options:

A. Age
B. Prevalence
C. Sensitivity
D. Confidentiality
E. Content

Question 17

A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup.

In which file should the SEP administrator add “scm.agent.groupcreation=true” to enable the automatic creation of client groups?

Options:

A. conf.properties
B. httpd.conf
C. settings.conf
D. catalina.out

Question 18

After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked the default admin account. An administrator needs to make system changes as soon as possible to address an outbreak, but the admin account is the only account.

Which action should the administrator take to correct the problem with minimal impact to the existing environment?

Options:

A. Wait 15 minutes and attempt to log on again
B. Restore the SEPM from a backup
C. Run the Management Server and Configuration Wizard to reconfigure the server
D. Reinstall the SEPM

Question 19

An organization needs to add a collection of DNS host names to permit in the firewall policy.

How should the SEP administrator add these DNS host names as a single rule in the firewall policy?

Options:

A. Create a Host Group and add the DNS host names. Then create a firewall rule with the new Host Group as the Source/Destination.
B. Create a Host Group and add the DNS domain. Then create a firewall rule with the new Host Group as the Local/Remote.
C. Create a Host Group and add the DNS host names. Then create a firewall rule with the new Host Group as the Local/Remote.
D. Create a Host Group and add the DNS domain. Then create a firewall rule with the new Host Group as the Source/Destination.

Question 20

Which two items should an administrator enter in the License Activation Wizard to activate a license? (Select two.)

Options:

A. password for the Symantec Licensing Site
B. purchase order number
C. serial number
D. Symantec License file
E. credit card number
