What are two methods the SEP Administrator can use for gathering a fingerprint list? (Choose two.)
A. GatherSymantecInfo
B. DevViewer
C. Checksum
D. DeviceInf
E. Get File Fingerprint list command
What Symantec Endpoint Protection component facilitates distributing content clients that have a poor connection to the Symantec Endpoint Protection Manager (SEPM)?
A. Group Update Provider
B. SEPM Replication
C. LiveUpdate Administrator
D. Shared Insight Cache Server
An organization has several remote locations with minimum bandwidth and would like to use a content distribution method that does NOT involve configuring an internal LiveUpdate server. What content distribution method should be utilized?
A. Intelligent Updater
B. Management Server
C. External LiveUpdate
D. Group Update Provider
An organization created the following locations for their endpoint:
Internet (for remote user with no VPN)
VPN (remote users connected to the corporate network)
LAN Ethernet
LAN Wifi
The corporate network and VPN users have internet traffic filtered through a Content Analysis Appliance and a Next-Gen Firewall.
Which location is the most exposed to malicious downloads and needs a higher security posture in the Virus and Spyware protection policy?
A. Internet
B. LAN Wifi
C. LAN Ethernet
D. VPN
An organization's Limited Administrator needs to create an exclusion. When the Limited Administrator logs in, they do NOT see Exceptions listed as an option on the Policies page. What setting should a System Administrator enable so the Limited Administrator could see Exceptions and create an exclusion?
A. Edit the Limited Administrator properties and uncheck Do not allow editing of shared policies in the Access Rights tab
B. Edit the Limited Administrator properties and link the Administrator to an Active Directory account with Administrator privileges in the Authentication tab
C. Edit the Limited Administrator properties and ensure Exceptions is checked under Policy rights in Access Rights tab
D. Edit the Limited Administrator properties and change to Administrator in the Access Rights tab
An organization identified a threat in their environment and needs to limit the spread of the threat. How should the SEP Administrator block the threat using Application and Device Control?
A. Gather the MD5 hash of the file and create an Application Content Rule that blocks the file based on specific arguments
B. Gather the MD5 hash of the file and create an Application Content Rule that blocks the file based on the file fingerprint
C. Gather the MD5 hash of the file and create an Application Content Rule that uses regular expression matching
D. Gather the process name of the file and create an Application Content Rule that blocks the file based on the device id type
An organization needs to add a collection of DNS host names to permit in the firewall policy.
How should the SEP Administrator add these DNS host names as a single rule in the firewall policy?
A. Create a Host Group and add the DNS domain. Then create a firewall rule with the new Host Group as the Source/Destination
B. Create a Host Group and add the DNS host names. Then create a firewall rule with the new Host Group as the Source/Destination
C. Create a Host Group and add the DNS host names. Then create a firewall rule with the new Host Group as the Local/Remote
D. Create a Host Group and add the DNS domain. Then create a firewall rule with the new Host Group as the Local/Remote
How should an administrator set up an alert to be notified when manual remediation is needed on an endpoint?
A. Add a System event notification and specify "Left Alone" for the action taken. Choose to log the notification and send an e-mail to the system administrators
B. Add a Single Risk Event notification and specify "Left Alone" for the action taken. Choose to log the notification and send an e-mail to the system administrators
C. Add a New risk detected notification and specify "Left Alone" for the action taken. Choose to log the notification and send an e-mail to the system administrators
D. Add a Client security alert notification and specify "Left Alone" for the action taken. Choose to log the notification and send an e-mail to the system administrators
What type of client remediation can an administrator perform in the SEPM with events in the Attack logs?
A. Free additional disk space by removing files from Quarantine
B. Review the operation status of client computers and enable protection technologies
C. Create a Firewall rule in the Firewall policy
D. Run Power Eraser remotely to resolve issues with heavily infected computers
What type of exceptions could an administrator create from the Symantec Endpoint Protection Manager for a Linux client? (Choose two.)
A. Trusted Web Domain
B. Security Risk Exceptions - File
C. Security Risk Exceptions - Extension
D. Known Risks
E. Security Risk Exceptions - Folder
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-428 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.