Administration of Symantec Endpoint Protection 14
Last Update Apr 26, 2024
Total Questions : 135
We are offering FREE 250-428 Symantec exam questions. All you do is to just go and sign up. Give your details, prepare 250-428 free exam questions and then go for complete pool of Administration of Symantec Endpoint Protection 14 test questions that will help you more.
A company uses a remote administration tool that is detected and quarantined by Symantec Endpoint Protection (SEP).
Which step can an administrator perform to continue using the remote administration tool without detection by SEP?
In the virus and Spyware Protection policy, an administrator sets the First action to Clean risk and sets If first action fails to Delete risk.
Which two factors should the administrator consider? (Select two.)
Which option is a characteristic of a Symantec Endpoint Protection (SEP) domain?
Which client log shows that a client is downloading content from its designated source?
A company allows users to create firewall rules. During the course of business, users are accidentally adding rules that block a custom internal application.
Which steps should the Symantec Endpoint Protection administrator take to prevent users from blocking the custom application?
An administrator is responsible for the Symantec Endpoint Protection architecture of a large, multi-national company with three regionalized data centers. The administrator needs to collect data from clients; however, the collected data must stay in the local regional data center. Communication between the regional data centers is allowed 20 hours a day.
How should the administrator architect this organization?
An administrator is recovering from a Symantec Endpoint Manager (SEPM) site failure.
Which file should the administrator use during an install of SEPM to recover the lost environment according to Symantec Disaster Recovery Best Practice documentation?
A large-scale virus attack is occurring and a notification condition is configured to send an email whenever viruses infect five computers on the network. A Symantec Endpoint Protection administrator has set a one hour damper period for that notification condition.
How many notifications does the administrator receive after 30 computers are infected in two hours?
A company needs to forward log data from Data Center A to Data Center B during off peak hours only.
How should the company architect its Symantec Endpoint Protection environment?
Which action does the Shared Insight Cache (SIC) server take when the whitelist reaches maximum capacity?
Which Symantec Endpoint Protection defense mechanism provides protection against threats that propagate from system to system through the use of autorun.inf files?
What two (2) steps should an administrator take to troubleshoot firewall with the Symantec Endpoint Protection client (Select two.)
An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat.
Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?
An administrator receives a browser certificate warning when accessing the Symantec Endpoint Protection Manager (SEPM) Web console.
Where can the administrator obtain the certificate?
Which object in the Symantec Endpoint Protection Manager console describes the most granular level to which a policy can be assigned?
A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SET Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.
What is the most likely reason?
Catastrophic hardware failure has occurred on a single Symantec Endpoint Protection Manager (SEPM) in an environment with two SEPMs.
What is the quickest way an administrator can restore the environment to its original state?