Symantec 250-428 online test

Question 1

After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked
the default admin account. An administrator needs to make system changes as soon as possible to
address an outbreak, but the admin account is the only account.
Which action should the administrator take to correct the problem with minimal impact to the
existing environment?

• A. Wait 15 minutes and attempt to log on again
• B. Restore the SEPM from a backup
• C. Run the Management Server and Configuration Wizard to reconfigure the server
• D. Reinstall the SEPM

Answer:

A

Question 2

In which two areas can host groups be used? (Select two.)

• A. Locations
• B. Download Insight
• C. IPS
• D. Application and Device Control
• E. Firewall

Answer:

C,E

Question 3

Which Symantec Endpoint Protection technology blocks a downloaded program from installing
browser plugins?

• A. Intrusion Prevention
• B. SONAR
• C. Tamper Protection
• D. Application and Device Control

Answer:

D

Question 4

Which Symantec Endpoint Protection defense mechanism provides protection against threats that
propagate from system to system through the use of autorun.inf files?

• A. Host Integrity
• B. SONAR
• C. Application and Device Control
• D. Emulator

Answer:

C

Question 5

An administrator uses the search criteria displayed in the image below.

Which results are returned from the query?

• A. Only VMware Servers in the Default Group
• B. All Windows 2012 Servers in the Default Group
• C. Only Windows 2012 Servers that are Virtualized in the Default Group
• D. All Windows 2012 Servers and all Virtualized Servers in the Default Group

Answer:

D

Question 6

Which action should an administrator take to prevent users from using Windows Security Center?

• A. Set Disable antivirus alert within Windows Security Center to Disable
• B. Set Disable Windows Security Center to Always
• C. Set Disable Windows Security Center to Disable
• D. Set Disable antivirus alert within Windows Security Center to Never

Answer:

B

Question 7

Which two options are supported Symantec Endpoint Manager authentication types? (Select two.)

• A. Network Access Control
• B. Biometrics
• C. RSA SecurID
• D. MS-CHAP
• E. Microsoft Active Directory

Answer:

C,E

Explanation:
References:
https://support.symantec.com/en_US/article.HOWTO81227.html

Question 8

A Symantec Endpoint Protection (SEP) client uses a management server list with three management
servers in the priority 1 list.
Which mechanism does the SEP client use to select an alternate management server if the currently
selected management server is unavailable?

• A. The client chooses the next server alphabetically by server name.
• B. The client chooses another server alphabetically in the list randomly.
• C. The client chooses a server with the next highest IP address.
• D. The client chooses a server based on the lowest server load.

Answer:

B

Question 9

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and
assigns the policy to all of the SEP clients. The network monitoring team informs the administrator
that a client system is making an FTP connection to a server. While investigating the problem from
the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in
the SET Traffic log or Packet log. While viewing the Network Activity dialog, there is zero
inbound/outbound traffic for the FTP process.
What is the most likely reason?

• A. The server is in the IPS policy excluded hosts list.
• B. The block rule is below the blue line.
• C. Peer-to-peer authentication is allowing the traffic.
• D. The server has an IPS exception for that traffic.

Answer:

A

Question 10

Which setting can an administrator configure in the LiveUpdate policy?

• A. Linux Settings
• B. Frequency to download content
• C. Specific content revision to download from a Group Update Provider (GUP)
• D. Specific content policies to download

Answer:

B

Explanation:
References:
https://support.symantec.com/en_US/article.TECH104435.html