1. Home
  2. Symantec
  3. 250-428

Administration of Symantec Endpoint Protection 14

Exam Details

  • Exam Code
    :250-428
  • Exam Name
    :Administration of Symantec Endpoint Protection 14
  • Certification
    :Symantec Certifications
  • Vendor
    :Symantec
  • Total Questions
    :165 Q&As
  • Last Updated
    :Apr 12, 2025

Symantec Symantec Certifications 250-428 Questions & Answers

  • Question 141:

    Which step is unnecessary when an administrator creates an application rule set?

    A. define a provider

    B. select a process to apply

    C. select a process to exclude

    D. define rule order

  • Question 142:

    Where can an administrator obtain the Sylink.xml file?

    A. C:\Program Files\Symantec\Symantec Endpoint Protection\ folder on the client

    B. C:\Program Files\Symantec\Symantec Endpoint Protection\Manager\data\inbox\agent\ folder on the Symantec Endpoint Protection Manager

    C. by selecting the client group and exporting the communication settings in the Symantec Endpoint Protection Manager Console

    D. by selecting the location and exporting the communication settings in the Symantec Endpoint Protection Manager Console

  • Question 143:

    Which action should an administrator take to prevent users from using Windows Security Center?

    A. Set Disable antivirus alert within Windows Security Center to Disable

    B. Set Disable Windows Security Center to Always

    C. Set Disable Windows Security Center to Disable

    D. Set Disable antivirus alert within Windows Security Center to Never

  • Question 144:

    A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list.

    Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?

    A. The client chooses the next server alphabetically by server name.

    B. The client chooses another server alphabetically in the list randomly.

    C. The client chooses a server with the next highest IP address.

    D. The client chooses a server based on the lowest server load.

  • Question 145:

    Which command attempts to find the name of the drive in the private region and to match it to a disk media record that is missing a disk access record?

    A. vxdisk

    B. vxdctl

    C. vxreattach

    D. vxrecover

  • Question 146:

    An administrator plans to implement a multi-site Symantec Endpoint Protection (SEP) deployment. The administrator needs to determine whether replication is viable without having to make network firewall changes or change defaults in SEP.

    Which port should the administrator verify is open on the path of communication between the two proposed sites? (Type the port number.)

    A. 8443

  • Question 147:

    Which action must a Symantec Endpoint Protection administrator take before creating custom Intrusion Prevention signatures?

    A. Change the custom signature order

    B. Create a Custom Intrusion Prevention Signature library

    C. Define signature variables

    D. Enable signature logging

  • Question 148:

    Where in the Symantec Endpoint Protection (SEP) management console will a SEP administrator find the option to allow all users to enable and disable the client firewall?

    A. Client User Interface Control Settings

    B. Overview in Firewall Policy

    C. Settings in Intrusion Prevention Policy

    D. System Lockdown in Group Policy

  • Question 149:

    In the virus and Spyware Protection policy, an administrator sets the First action to Clean risk and sets If first action fails to Delete risk. Which two factors should the administrator consider? (Select two.)

    A. The deleted file may still be in the Recycle Bin.

    B. IT Analytics may keep a copy of the file for investigation.

    C. False positives may delete legitimate files.

    D. Insight may back up the file before sending it to Symantec.

    E. A copy of the threat may still be in the quarantine.

  • Question 150:

    A Symantec Endpoint Protection administrator must block traffic from an attacking computer for a specific time period. Where should the administrator adjust the time to block the attacking computer?

    A. in the firewall policy, under Protection and Stealth

    B. in the firewall policy, under Built in Rules

    C. in the group policy, under External Communication Settings

    D. in the group policy, under Communication Settings

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-428 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.