Download Symantec.250-428.RealExams.2019-07-25.54q.vcex

Download Exam

File Info

Exam Administration of Symantec Endpoint Protection 14
Number 250-428
File Name Symantec.250-428.RealExams.2019-07-25.54q.vcex
Size 330 KB
Posted Jul 25, 2019
Download Symantec.250-428.RealExams.2019-07-25.54q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase

Coupon: MASTEREXAM
With discount: 20%





Demo Questions

Question 1

In which two areas can host groups be used? (Select two.)


  1. Locations
  2. Download Insight
  3. IPS
  4. Application and Device Control
  5. Firewall
Correct answer: CE



Question 2

Which Symantec Endpoint Protection defense mechanism provides protection against threats that propagate from system to system through the use of autorun.inf files?


  1. Host Integrity
  2. SONAR
  3. Application and Device Control
  4. Emulator
Correct answer: C



Question 3

Which action should an administrator take to prevent users from using Windows Security Center?


  1. Set Disable antivirus alert within Windows Security Center to Disable
  2. Set Disable Windows Security Center to Always
  3. Set Disable Windows Security Center to Disable
  4. Set Disable antivirus alert within Windows Security Center to Never
Correct answer: B



Question 4

A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list. 
Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?


  1. The client chooses the next server alphabetically by server name.
  2. The client chooses another server alphabetically in the list randomly.
  3. The client chooses a server with the next highest IP address.
  4. The client chooses a server based on the lowest server load.
Correct answer: B



Question 5

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SET Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process. 
What is the most likely reason?


  1. The server is in the IPS policy excluded hosts list.
  2. The block rule is below the blue line.
  3. Peer-to-peer authentication is allowing the traffic.
  4. The server has an IPS exception for that traffic.
Correct answer: A



Question 6

Which setting can an administrator configure in the LiveUpdate policy?


  1. Linux Settings
  2. Frequency to download content.
  3. Specific content revision to download from a Group Update Provider (GUP)
  4. Specific content policies to download
Correct answer: B
Explanation:
References: https://support.symantec.com/en_US/article.TECH104435.html
References: https://support.symantec.com/en_US/article.TECH104435.html



Question 7

A Symantec Endpoint Protection Manager (SEPM) administrator notices performance issues with the SEPM server. The Client tab becomes unresponsive in the SEPM console and .DAT files accumulate in the “agentinfo” folder. 
Which tool should the administrator use to gather log files to submit to Symantec Technical Support?


  1. collectLog.cmd
  2. LogExport.exe
  3. smc.exe
  4. ExportLog.vbs
Correct answer: A
Explanation:
References: https://support.symantec.com/en_US/article.TECH105955.html
References: https://support.symantec.com/en_US/article.TECH105955.html



Question 8

Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)


  1. Application Learning should be deployed on a small group of systems in the enterprise.
  2. Application Learning can generate significant CPU or memory use on a Symantec Endpoint Protection Manager.
  3. Application Learning is dependent on Insight.
  4. Application Learning requires a file fingerprint list to be created in advance.
  5. Application Learning can generate increased false positives.
Correct answer: AB
Explanation:
References: https://support.symantec.com/en_US/article.TECH134367.html
References: https://support.symantec.com/en_US/article.TECH134367.html



Question 9

Which task should an administrator perform to troubleshoot operation of the Symantec Endpoint Protection embedded database?


  1. Verify the sqlserver.exe service is running on port 1433
  2. Verify that dbsrv11.exe is listening on port 2638
  3. Check the database transaction logs in X:\Program Files\Microsoft SQL Server
  4. Check whether the MSSQLSERVER service is running
Correct answer: B
Explanation:
References: https://support.symantec.com/en_US/article.TECH160964.html
References: https://support.symantec.com/en_US/article.TECH160964.html



Question 10

What does SONAR use to reduce false positives?


  1. Virus and Spyware definitions
  2. Extended File Attributes (EFA) table
  3. File Fingerprint list
  4. Symantec Insight
Correct answer: D
Explanation:
References: https://support.symantec.com/en_US/article.HOWTO80929.html
References: https://support.symantec.com/en_US/article.HOWTO80929.html









CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!

Get Now!


HOW TO OPEN VCEX FILES

Use ProfExam Simulator to open VCEX files