250-428 Practice Exam Questions with Answers Administration of Symantec Endpoint Protection 14 Certification

Catastrophic hardware failure has occurred on a single Symantec Endpoint Protection Manager (SEPM) in an environment with two SEPMs.

What is the quickest way an administrator can restore the environment to its original state?

Which tool should an administrator use to discover and deploy the Symantec Endpoint Protection client to new computers?

A company has an application that requires network traffic in both directions to multiple systems at a specific external domain. A firewall rule was created to allow traffic to and from the external domain, but the rule is blocking incoming traffic.

What should an administrator enable in the firewall policy to allow this traffic?

An organization recently experienced an outbreak and is conducting a health check of their environment! What Protection Technology should the SEP team enable to prevent vulnerability attacks on software?

An administrator uses the search criteria displayed in the image below.

Which results are returned from the query?

A company deploys Symantec Endpoint Protection (SEP) to50 virtual machines running on a single ESXi host.

Which configuration change can the administrator make to minimize sudden IOPS impact on the ESXi server while each SEP endpoint communicates with the Symantec Endpoint Protection Manager?

Which action must a Symantec Endpoint Protection administrator take before creating custom Intrusion Prevention signatures?

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SET Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.

What is the most likely reason?

Which task is unavailable for administrative accounts that authenticate using RSA SecurID Authentication?

A Symantec Endpoint Protection Manager (SEPM) administrator notices performance issues with the SEPM server. The Client tab becomes unresponsive in the SEPM console and .DAT files accumulate in the “agentinfo” folder.

Which tool should the administrator use to gather log files to submit to Symantec Technical Support?

In the virus and Spyware Protection policy, an administrator sets the First action to Clean risk and sets If first action fails to Delete risk.

Which two factors should the administrator consider? (Select two.)

What is a valid Symantec Endpoint Protection (SEP) single site design?

In addition to performance improvements, which two benefits does Insight provide? (Select two.)

Where can an administrator obtain the Sylink.xml file?

Which package type should an administrator use to reduce a SEP environment’s footprint when considering that new SEP 14 clients will be installed on point of sale terminals?

Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?

Which two options are supported Symantec Endpoint Manager authentication types? (Select two.)

A system running Symantec Endpoint Protection is assigned to a group with client user interface control settings set to mixed mode with Auto-Protect options set to Client. The user on the system is unable to turn off Auto-Protect.

What is the likely cause of this problem?

A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup.

In which file should the SEP administrator add “scm.agent.groupcreation=true” to enable the automatic creation of client groups?

Which two criteria can an administrator use to determine hosts in a host group? (Select two.)

An organization has several remote location with minimum bandwidth and would like to use a content distribution method that does NOT involve configuring as internal LiveUpdate server.

What content distribution method should be utilized?

How are Insight results stored?

You have executed the vxdg -g diskgroup adddisk disk_name= command.

Which switch needs to be added to force VxVM to take the disk media name of the failed disk and assign it to the new replacement disk?

Which object in the Symantec Endpoint Protection Manager console describes the most granular level to which a policy can be assigned?

An organization is troubleshooting a false positive detection with WS.Respulation.1 Signature on an unmanaged SEP client.

What are the steps to create an exclusion on the unmanaged SEP Client?

Which Symantec Endpoint Protection component enables access to data through ad-hoc reports and charts with pivot tables?

A large software company runs a small engineering department that is remotely located over a slow WAN connection.

Which option should the company use to install an exported Symantec Endpoint Protection (SEP) package to the remote site using the smallest amount of network bandwidth?

An administrator is re-adding an existing Replication Partner to the local Symantec Endpoint Protection Manager site.

Which two parameters are required to re-establish this replication partnership? (Select two.)

A Symantec Endpoint Protection administrator needs to comply with a service level agreement stipulating that all definitions must be internally quality assurance tested before being deployed to customers.

Which step should the administrator take?

Which technology can prevent an unknown executable from being downloaded through a browser session?

An administrator is unknowingly trying to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the client’s system.

Drag and drop the technologies to the right side of the screen in the sequence necessary to block or detect the malicious file.

Which action should an administrator take to prevent users from using Windows Security Center?

Which two are policy types within the Symantec Endpoint Protection Manager? (Select two.)

When can an administrator add a new replication partner?

An organization needs to add a collection of DNS host names to permit in the firewall policy.

How Should the SEP Administrator add these DNS host names as a single rule in the firewall policy?