Exam Details

  • Exam Code: 250-428
  • Exam Name: Administration of Symantec Endpoint Protection 14
  • Certification: Symantec Certifications
  • Vendor: Symantec
  • Total Questions: 165 Q&As
  • Last Updated: Apr 12, 2025

Symantec Certifications 250-428 Questions & Answers

  • Question 51:

    Which two criteria should an administrator use when defining Location Awareness for the Symantec Endpoint Protection (SEP) client? (Select two.)

    A. NIC description

    B. SEP domain

    C. geographic location

    D. WINS server

    E. Network Speed

  • Question 52:

    What is an appropriate use of a file fingerprint list?

    A. allow unknown files to be downloaded with Insight

    B. prevent programs from running

    C. prevent AntiVirus from scanning a file

    D. allow files to bypass Intrusion Prevention detection

  • Question 53:

    Which Symantec Endpoint Protection component enables access to data through ad-hoc reports and charts with pivot tables?

    A. Symantec Protection Center

    B. Shared Insight Cache Server

    C. Symantec Endpoint Protection Manager

    D. IT Analytics

  • Question 54:

    A Symantec Endpoint Protection Manager (SEPM) administrator notices performance issues with the SEPM server. The Client tab becomes unresponsive in the SEPM console and .DAT files accumulate in the "agentinfo" folder. Which tool should the administrator use to gather log files to submit to Symantec Technical Support?

    A. collectLog.cmd

    B. LogExport.exe

    C. ExportLog.vbs

    D. smc.exe

  • Question 55:

    A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.

    What is the most likely reason?

    A. The block rule is below the blue line.

    B. The server has an IPS exception for that traffic.

    C. Peer-to-peer authentication is allowing the traffic.

    D. The server is in the IPS policy excluded hosts list.

  • Question 56:

    A company has a small number of systems in their Symantec Endpoint Protection Manager (SEPM) group with federal mandates that AntiVirus definitions undergo a two-week testing period. After being loaded on the client, the tested virus definitions must remain unchanged on the client systems until the next set of virus definitions has completed testing. All other clients must remain operational on the most recent definition sets. An internal LiveUpdate Server has been considered too expensive to be a solution for this company.

    What should be modified on the SEPM to meet this mandate?

    A. The LiveUpdate Settings policy for this group should be modified to use an Explicit Group Update Provider.

    B. The LiveUpdate Content policy for this group should be modified to use a specific definition revision.

    C. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 1.

    D. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 14.

  • Question 57:

    Which feature reduces the impact of Auto-Protect on a virtual client guest operating system?

    A. Network Shared Insight Cache

    B. Virtual Image Exception

    C. Scan Randomization

    D. Virtual Shared Insight Cache

  • Question 58:

    An administrator needs to increase the access speed for client files that are stored on a file server. Which configuration should the administrator review to address the read speed from the server?

    A. Enable Network Cache in the client's Virus and Spyware Protection policy

    B. Add the applicable server to a trusted host group

    C. Create a Firewall allow rule for the server's IP address

    D. Enable download randomization in the client group's communication settings

  • Question 59:

    Which two instances could cause Symantec Endpoint Protection to be unable to remediate a file? (Select two.)

    A. Another scan is in progress.

    B. The detected file is in use.

    C. There are insufficient file permissions.

    D. The file is marked for deletion by Windows on reboot.

    E. The file has good reputation.

  • Question 60:

    An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat. Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?

    A. Risk log

    B. Computer Status report

    C. Notifications

    D. Infected and At Risk Computers report

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Symantec exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your 250-428 exam preparation and Symantec certification application, do not hesitate to visit Vcedump.com to find your solutions.