
250-428 Exam Dumps - Administration of Symantec Endpoint Protection 14

Question # 4

Which option is a function of the Symantec Endpoint Protection client?

A. Sends and receives application reputation ratings from LiveUpdate

B. Uploads logs to the Shared Insight Cache

C. Downloads virus content updates from Symantec Insight

D. Provides a Lotus Notes email scanner

Question # 5

Which ports on the company firewall must an administrator open to avoid problems when connecting to Symantec Public LiveUpdate servers?

A. 25, 80, and 2967

B. 2967, 8014, and 8443

C. 21, 443, and 2967

D. 21, 80, and 443

Question # 6

A company deploys Symantec Endpoint Protection (SEP) to 50 virtual machines running on a single ESXi host.

Which configuration change can the administrator make to minimize sudden IOPS impact on the ESXi server while each SEP endpoint communicates with the Symantec Endpoint Protection Manager?

A. Reduce number of content revisions to keep

B. Increase download randomization window

C. Reduce the heartbeat interval

D. Increase Download Insight sensitivity level

Question # 7

A company needs to configure an Application and Device Control policy to block read/write access to all USB removable media on its Symantec Endpoint Protection (SEP) systems.

Which tool should an administrator use to format the GUID and device IDs as required by SEP?

A. CheckSum.exe

B. DevViewer.exe

C. TaskMgr.exe

D. DeviceTree.exe

Question # 8

Which protection engine should an administrator enable in order to drop malicious vulnerability scans against a client system?

A. SONAR

B. Intrusion Prevention

C. Application and Device Control

D. Tamper Protection

Question # 9

What two (2) steps should an administrator take to troubleshoot the firewall with the Symantec Endpoint Protection client? (Select two.)

A. Disable the Symantec Endpoint Protection client and reproduce the issue.

B. Add an "Allow AH" traffic rule to the assigned firewall policy and reproduce the issue.

C. Create an exclusion in the Exceptions policy and reproduce the issue.

D. Withdraw the assigned firewall policy and reproduce the issue.

E. Enable TSE debug on the Symantec Endpoint Protection client and reproduce the issue.

Question # 10

Which task should an administrator perform to troubleshoot operation of the Symantec Endpoint Protection embedded database?

A. Verify the sqlserver.exe service is running on port 1433

B. Verify that dbsrv11.exe is listening on port 2638

C. Check the database transaction logs in X:\Program Files\Microsoft SQL server

D. Check whether the MSSQLSERVER service is running

Question # 11

Which technology can prevent an unknown executable from being downloaded through a browser session?

A. Browser Intrusion Prevention

B. Download Insight

C. Application Control

D. SONAR

Question # 12

In addition to performance improvements, which two benefits does Insight provide? (Select two.)

A. Reputation scoring for documents

B. Zero-day threat detection

C. Protection against malicious java scripts

D. False positive mitigation

E. Blocking of malicious websites

Question # 13

An organization recently experienced an outbreak and is conducting a health check of their environment. What Protection Technology should the SEP team enable to prevent vulnerability attacks on software?

A. Memory Exploit Mitigation (MEM)

B. System Lockdown

C. Behavior Monitoring (SONAR)

D. Host Integrity

Question # 14

Which protection technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?

A. Intrusion Prevention

B. Insight

C. Risk Tracer

D. SONAR

Question # 15

Which action must a Symantec Endpoint Protection administrator take before creating custom Intrusion Prevention signatures?

A. Define signature variables

B. Enable signature logging

C. Change the custom signature order

D. Create a Custom Intrusion Prevention Signature library

Question # 16

Which two Symantec Endpoint Protection components are used to distribute content updates? (Select two.)

A. Group Update Provider (GUP)

B. Shared Insight Cache Server

C. Symantec Protection Center

D. Symantec Endpoint Protection Manager

E. Symantec Insight Database

Question # 17

An administrator configures the scan duration for a scheduled scan. The scan fails to complete in the specified time period.

When will the next scheduled scan occur on the computer?

A. When the computer restarts

B. At the next scheduled scan period

C. Within the next hour

D. When the user restarts the scan

Question # 18

Which action does SONAR take before convicting a process?

A. Checks the reputation of the process

B. Restarts the system

C. Quarantines the process

D. Blocks suspicious behavior

Question # 19

Which action should an administrator take to prevent users from using Windows Security Center?

A. Set Disable antivirus alert within Windows Security Center to Disable

B. Set Disable Windows Security Center to Always

C. Set Disable Windows Security Center to Disable

D. Set Disable antivirus alert within Windows Security Center to Never

Question # 20

Which tool should the administrator run before starting the Symantec Endpoint Protection Manager upgrade according to best practices?

A. CollectLog.cmd

B. DBValidator.bat

C. LogExport.cmd

D. Upgrade.exe
