1. Home
  2. Symantec
  3. 250-428

Administration of Symantec Endpoint Protection 14

Exam Details

  • Exam Code
    :250-428
  • Exam Name
    :Administration of Symantec Endpoint Protection 14
  • Certification
    :Symantec Certifications
  • Vendor
    :Symantec
  • Total Questions
    :165 Q&As
  • Last Updated
    :Apr 12, 2025

Symantec Symantec Certifications 250-428 Questions & Answers

  • Question 71:

    Which technology can prevent an unknown executable from being downloaded through a browser session?

    A. Browser Intrusion Prevention

    B. Download Insight

    C. Application Control

    D. SONAR

  • Question 72:

    A company receives a high number of reports from users that files being downloaded from internal web servers are blocked. The Symantec Endpoint Protection administrator verifies that the Automatically trust any file downloaded from an intranet website option is enabled.

    Which configuration can cause Insight to block the files being downloaded from the internal web servers?

    A. Intrusion Prevention is disabled.

    B. Local intranet zone is configured incorrectly on the Windows clients browser settings.

    C. Local intranet zone is configured incorrectly on the Mac clients browser settings.

    D. Virus and Spyware Definitions are out of date.

  • Question 73:

    Which Symantec Endpoint Protection defense mechanism provides protection against threats that propagate from system to system through the use of autotun.inf files?

    A. Host Integrity

    B. SONAR

    C. Application and Device Control

    D. Emulator

  • Question 74:

    In addition to performance improvements, which two benefits does Insight provide? (Select two.)

    A. Reputation scoring for documents

    B. Zero-day threat detection

    C. Protection against malicious java scripts

    D. False positive mitigation

    E. Blocking of malicious websites

  • Question 75:

    Which setting can an administrator configure in the LiveUpdate Policy?

    A. Specific content revision to download from a Group Update Provider (GUP)

    B. Specific content policies to download

    C. Linux Settings

    D. Frequency to download content.

  • Question 76:

    Refer to the exhibit.

    In the use case displayed in the exhibit.

    Why is Notepad unable to save the changes to the file in the image below?

    A. Tamper Protection is preventing Notepad from modifying the host file.

    B. SONAR is set to block host file modifications.

    C. System Lockdown is enabled.

    D. SONAR High Risk detection is set to Block.

  • Question 77:

    A company deploys Symantec Endpoint Protection (SEP) to 50 virtual machines running on a single ESXi host.

    Which configuration change can the administrator make to minimize sudden IOPS impact on the ESXi server while each SEP endpoint communicates with the Symantec Endpoint Protection Manager?

    A. increase Download Insight sensitivity level

    B. reduce the heartbeat interval

    C. increase download randomization window

    D. reduce number of content revisions to keep

  • Question 78:

    Which action does SONAR take before convicting a process?

    A. quarantines the process

    B. blocks suspicious behavior

    C. reboots the system

    D. checks the reputation of the process

  • Question 79:

    A system running Symantec Endpoint Protection is assigned to a group with client user interface control settings set to mixed mode with Auto-Protect options set to Client. The user on the system is unable to turn off Auto-Protect. What is the likely cause of this problem?

    A. Tamper protection is enabled.

    B. System Lockdown is enabled.

    C. Application and Device Control is configured.

    D. The padlock on the enable Auto-Protect option is locked.

  • Question 80:

    Administrators at a company share a single terminal for configuring Symantec Endpoint Protection. The administrators want to ensure that each administrator using the console is forced to authenticate using their individual credentials. They are concerned that administrators may forget to log off the terminal, which would easily allow others to gain access to the Symantec Endpoint Protection Manager (SEPM) console.

    Which setting should the administrator disable to minimize the risk of non-authorized users logging into the SEPM console?

    A. allow users to save credentials when logging on

    B. delete clients that have not connected for specified time

    C. lock account after the specified number of unsuccessful logon attempts

    D. allow administrators to reset the passwords

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-428 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.