Symantec 250-428 practice test

Administration of Symantec Endpoint Protection 14 Exam


Question 1

What report should a SEP administrator utilize to verify that Clients are connected to the
management server?

  • A. Client Inventory
  • B. Client Online Status
  • C. Client Migration
  • D. Audit report
Answer:

A

Question 2

What optional Symantec Endpoint Protection component could an administrator utilize if an
organization requires custom reports and queries?

  • A. QRadar
  • B. Splunk
  • C. Crystal Reports
  • D. IT Analytics
Answer:

C

Question 3

An organization needs to add a collection of DNS host names to permit in the firewall policy.
How should the SEP administrator add these DNS host names as a single rule in the firewall policy?

  • A. Create a Host Group and add the DNS host names. Then create a firewall rule with the new Host Group as the Source/Destination.
  • B. Create a Host Group and add the DNS domain. Then create a firewall rule with the new Host Group as the Local/Remote.
  • C. Create a Host Group and add the DNS host names. Then create a firewall rule with the new Host Group as the Local/Remote.
  • D. Create a Host Group and add the DNS domain. Then create a firewall rule with the new Host Group as the Source/Destination.
Answer:

B

Question 4

What SEPM report should an administrator utilize to view the files that Download Insight detected
on your computers, after configuring Download Insight?

  • A. Risk Distribution
  • B. SONAR Detection Results
  • C. Risk Detections Count
  • D. Download Risk Distribution
Answer:

D

Question 5

An organization recently experienced an outbreak and is conducting a health check of their
environment. What Protection Technology should the SEP team enable to prevent vulnerability
attacks on software?

  • A. Memory Exploit Mitigation (MEM)
  • B. System Lockdown
  • C. Behavior Monitoring (SONAR)
  • D. Host Integrity
Answer:

A

Question 6

An organization recently experienced a definition storm where clients downloaded full definition
packages from the management server.
Where can the SEPM increase the amount of content revisions so that clients with older content can
get delta updates?

  • A. Click on Policies and select LiveUpdate. Edit the LiveUpdate Content policy.
  • B. Edit the Site Properties and under the LiveUpdate tab, edit the amount of content revisions to keep.
  • C. Click on Policies and select LiveUpdate. Edit the LiveUpdate Settings policy.
  • D. Edit the Server Properties and under the LiveUpdate tab, edit the amount of content revisions to keep.
Answer:

C

Question 7

What two (2) steps should an administrator take to troubleshoot the firewall with the Symantec Endpoint
Protection client? (Select two.)

  • A. Disable the Symantec Endpoint Protection client and reproduce the issue.
  • B. Add an "Allow AH" traffic rule to the assigned firewall policy and reproduce the issue.
  • C. Create an exclusion in the Exceptions policy and reproduce the issue.
  • D. Withdraw the assigned firewall policy and reproduce the issue.
  • E. Enable TSE debug on the Symantec Endpoint Protection client and reproduce the issue.
Answer:

AB

Question 8

What Symantec Best Practice is recommended when setting up Active Directory integration with the
Symantec Endpoint Protection Manager?

  • A. Link the built-in Admin account to an Active Directory account.
  • B. Ensure there is more than one Active Directory Server listed in the Server Properties.
  • C. Secure the management console by denying access to certain computers.
  • D. Import the existing AD structure to organize clients in user mode.
Answer:

A

Question 9

What is the difference between a shared and non-shared policy?

  • A. Shared policies can be edited and replaced for all groups and locations that use it. A non-shared policy is unique to a specific group or location.
  • B. Shared policies are replicated to a Replication Partner. A non-shared policy is specific to a local SEPM site.
  • C. Shared policies are used in Production. A non-shared policy is used in test and only works in Log Only mode.
  • D. Shared policies are unique for a specific group and location. A non-shared policy can be edited and replaced for all groups and locations that use it.
Answer:

D

Question 10

An organization deployed a client install package with incorrect group settings to a set of endpoints.
How can the organization ensure the client is NOT automatically added to the incorrect group upon
check-in?

  • A. Run the Move Clients utility.
  • B. Enable Block New Clients in the Group properties.
  • C. Add a new subgroup under the incorrect group.
  • D. Create a Location that will move the clients automatically to the correct group.
Answer:

A
