Symantec Symantec Certifications 250-428 Questions & Answers

• Question 41:

  An administrator wants to have the SEPM run a batch file as the result of a notification. What directory does a batch file need to be in for the batch file to run?

  A. \Program Files\Symantec\Symantec Endpoint Protection Manager\tomcat

  B. \Program Files\Symantec\Symantec Endpoint Protection Manager\data

  C. \Program Files\Symantec\Symantec Endpoint Protection Manager\bin

  D. \Program Files\Symantec\Symantec Endpoint Protection Manager\bin64

  Correct Answer: C

  Reference: https://www.symantec.com/connect/forums/batch-files-under-notification-conditions

• Question 42:

  Which protection technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?

  A. Intrusion Prevention

  B. Insight

  C. Risk Tracer

  D. SONAR

  Correct Answer: A

• Question 43:

  Which two criteria could be used to define Location Awareness for the Symantec Endpoint Protection (SEP) client? (Choose two.)

  A. geographic location

  B. NIC description

  C. SEP domain

  D. Network Speed

  E. WINS server

  Correct Answer: BE

  Reference: https://support.symantec.com/us/en/article.tech97369.html

• Question 44:

  Which technology can prevent an unknown executable from being downloaded through a browser session?

  A. Insight

  B. Advanced Machine Learning

  C. Application Control

  D. Intrusion Prevention

  Correct Answer: A

• Question 45:

  What happens when the license expires in Symantec Endpoint Protection 14 enterprise Edition?

  A. LiveUpdate stops.

  B. Group Update Providers (GUP) stop.

  C. Symantec Insight is disabled.

  D. Content updates continue.

  Correct Answer: D

• Question 46:

  What is a function of Symantec Insight?

  A. Provides reputation ratings for structured data

  B. Enhances the capability of Group Update Providers (GUP)

  C. Increases the efficiency and effectiveness of LiveUpdate

  D. Provides reputation ratings for binary executables.

  Correct Answer: D

• Question 47:

  A company needs to configure an Application and Device Control policy to block read/write access to all USB removable media on its Symantec Endpoint Protection (SEP) systems. Which tool should an administrator use to format the GUID and device IDs as required by SEP?

  A. CheckSum.exe

  B. DeviceTree.exe

  C. TaskMgr.exe

  D. DevViewer.exe

  Correct Answer: D

• Question 48:

  Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?

  A. Download randomization

  B. Heartbeat interval

  C. LiveUpdate scheduling frequency

  D. Reconnection preferences

  Correct Answer: D

• Question 49:

  Which two criteria can an administrator use to determine hosts in a host group? (Select two.)

  A. Subnet

  B. Network Services

  C. Application Protocol

  D. DNS Domain

  E. Network Adapters

  Correct Answer: AD

  References: https://support.symantec.com/en_US/article.HOWTO81218.html

• Question 50:

  Refer to the exhibit.

  

  An administrator has configured the Symantec Endpoint Protection Manager (SEPM) to use Active Directory authentication. The administrator defines a new Symantec Endpoint Protection administrator named Sep_SysAdmin, configured to use Directory Authentication.

  Which password needs to be entered when the administrator logs in to the SEPM console as Sep_SysAdmin?

  A. The password for the Active Directory account Nova_Grant

  B. The password for the SEPM account Nova_Grant

  C. The password for the Active Directory account Sep_SysAdmin

  D. The password for the SEPM account Sep_SysAdmin

  Correct Answer: A