Symantec 250-428 Administration of Symantec Endpoint Protection 14 Exam Practice Test

Page: 1 / 14
Total 135 questions

Administration of Symantec Endpoint Protection 14 Questions and Answers

Question 1

A Symantec Endpoint Protection Manager (SEPM) administrator notices performance issues with the SEPM server. The Client tab becomes unresponsive in the SEPM console and .DAT files accumulate in the “agentinfo” folder.

Which tool should the administrator use to gather log files to submit to Symantec Technical Support?

Options:

A. collectLog.cmd

B. LogExport.exe

C. smc.exe

D. ExportLog.vbs

Question 2

Which action does the Shared Insight Cache (SIC) server take when the whitelist reaches maximum capacity?

Options:

A. The SIC server allocates additional memory for the whitelist as needed.

B. The SIC server will start writing the cache to disk.

C. The SIC server will remove the least recently used items based on the prune size.

D. The SIC server will remove items with the fewest number of votes.

Question 3

A company needs to forward log data from Data Center A to Data Center B during off peak hours only.

How should the company architect its Symantec Endpoint Protection environment?

Options:

A. Set up two sites and schedule replication between them during off peak hours

B. Set up a single site and configure the clients to send their logs to the Manager during off peak hours

C. Set up a Group Update Provider (GUP) at Data Center A and configure it to send logs during off peak hours

D. Set up a LiveUpdate Server at Data Center A and configure it to send logs during off peak hours

Question 4

An administrator receives a browser certificate warning when accessing the Symantec Endpoint Protection Manager (SEPM) Web console.

Where can the administrator obtain the certificate?

Options:

A. SEPM console Licenses section

B. Admin > Servers > Configure SecureID Authentication

C. SEPM console Admin Tasks

D. SEPM Web Access

Question 5

Which two settings does an administrator enable to use the Risk Tracer Feature in the Virus and Spyware Protection policy? (Select two.)

Options:

A. Firewall Policy

B. Application and Device Control Policy

C. Application Learning

D. Tamper Protection

E. IPS active response

Question 6

Which ports on the company firewall must an administrator open to avoid problems when connecting to Symantec Public LiveUpdate servers?

Options:

A. 25, 80, and 2967

B. 2967, 8014, and 8443

C. 21, 443, and 2967

D. 21, 80, and 443

Question 7

Which client log shows that a client is downloading content from its designated source?

Options:

A. Log.LiveUpdate

B. System Log

C. Risk Log

D. SesmLu.log

Question 8

Which two Symantec Endpoint Protection components are used to distribute content updates? (Select two.)

Options:

A. Group Update Provider (GUP)

B. Shared Insight Cache Server

C. Symantec Protection Center

D. Symantec Endpoint Protection Manager

E. Symantec Insight Database

Question 9

A company has an application that requires network traffic in both directions to multiple systems at a specific external domain. A firewall rule was created to allow traffic to and from the external domain, but the rule is blocking incoming traffic.

What should an administrator enable in the firewall policy to allow this traffic?

Options:

A. TCP resequencing

B. Smart DHCP

C. Reverse DNS Lookup

D. Smart WINS

Question 10

Which Symantec Endpoint Protection Management (SEPM) database option is the default for deployments of fewer than 1,000 clients?

Options:

A. Embedded: Using the Sybase SQL Anywhere database that comes with the product

B. On SEPM: Installing Microsoft SQL on the same server as the SEPM

C. External to SEPM: Using a preexisting Microsoft SQL server in the environment

D. Embedded: Using the Microsoft SQL database that comes with the product

Question 11

Which package type should an administrator use to reduce a SEP environment’s footprint when considering that new SEP 14 clients will be installed on point of sale terminals?

Options:

A. Default Standard Client

B. Default Embedded or VDI client

C. Default dark network client

D. Custom Standard client

Question 12

An administrator needs to increase the access speed for client files that are stored on a file server.

Which configuration should the administrator review to address the read speed from the server?

Options:

A. Enable Network Cache in the client’s Virus and Spyware Protection policy

B. Add the applicable server to a trusted host group

C. Enable download randomization in the client group’s communication settings

D. Create a Firewall allow rule for the server’s IP address.

Question 13

An administrator is unknowingly trying to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the client’s system.

Drag and drop the technologies to the right side of the screen in the sequence necessary to block or detect the malicious file.


Question 14

Which action must a Symantec Endpoint Protection administrator take before creating custom Intrusion Prevention signatures?

Options:

A. Define signature variables

B. Enable signature logging

C. Change the custom signature order

D. Create a Custom Intrusion Prevention Signature library

Question 15

Why does Power Eraser need Internet access?

Options:

A. Validate root certificates on all portable executables (PXE) files

B. Leverage Symantec Insight

C. Ensure the Power Eraser tool is the latest release

D. Look up CVE vulnerabilities

Question 16

A Symantec Endpoint Protection administrator must block traffic from an attacking computer for a specific time period.

Where should the administrator adjust the time to block the attacking computer?

Options:

A. In the group policy, under External Communication settings

B. In the group policy, under Communication settings

C. In the firewall policy, under Protection and Stealth

D. In the firewall policy, under Built in Rules

Question 17

When can an administrator add a new replication partner?

Options:

A. immediately following the first LiveUpdate session of the new site

B. during a Symantec Endpoint Protection Manager upgrade

C. during the initial install of the new site

D. immediately following a successful Active Directory sync

Question 18

An administrator is recovering from a Symantec Endpoint Manager (SEPM) site failure.

Which file should the administrator use during an install of SEPM to recover the lost environment according to Symantec Disaster Recovery Best Practice documentation?

Options:

A. Original installation log

B. Sylink.xml file from the SEPM

C. Settings.properties file

D. Recovery_timestamp file

Question 19

Which two options are available when configuring DNS change detections for SONAR? (Select two.)

Options:

A. Log

B. Quarantine

C. Block

D. Active Response

E. Trace

Question 20

Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?

Options:

A. Rebuilding database indexes

B. Lowering the client installation log entries

C. Limiting the number of backups to keep

D. Decreasing the number of content revisions to keep
