250-428 Online Practice Questions and Answers

A company has an application that requires network traffic in both directions to multiple systems at a specific external domain. A firewall rule was created to allow traffic to and from the external domain, but the rule is blocking incoming traffic. What should an administrator enable in the firewall policy to allow this traffic?

A. TCP resequencing

B. Smart DHCP

C. Reverse DNS Lookup

D. Smart WINS

How are Insight results stored?

A. Encrypted on the Symantec Endpoint Protection Manager

B. Unencrypted on the Symantec Endpoint Protection Manager

C. Encrypted on the Symantec Endpoint Protection Client

D. Unencrypted on the Symantec Endpoint Protection Client

Where in the Symantec Endpoint Protection (SEP) management console will a SEP administrator find the option to allow all users to enable and disable the client firewall?

A. Client User Interface Control Settings

B. Overview in Firewall Policy

C. Settings in Intrusion Prevention Policy

D. System Lockdown in Group Policy

A Symantec Endpoint Protection (SEP) administrator receives multiple reports that machines are experiencing performance issues. The administrator discovers that the reports happen about the same time as the scheduled LiveUpdate.

Which setting should the SEP administrator configure to minimize I/O when LiveUpdate occurs?

A. Change the LiveUpdate schedule

B. Change the Administrator-defined scan schedule

C. Disable Allow user-defined scans to run when the scan author is logged off

D. Disable Run an Active Scan when new definitions arrive

What is a supported migration path for Symantec Endpoint Protection?

A. Symantec Endpoint Protection Enterprise Edition 12.1 > Symantec Endpoint Protection Small Business Edition 12.1

B. Symantec Endpoint Protection Small Business Edition 12.1 > Symantec Endpoint Protection Enterprise Edition 12.1

C. Symantec Endpoint Protection 12.1 Enterprise Edition > Symantec Endpoint Protection 11.x Enterprise Edition

D. Symantec Endpoint Protection Small Business Edition 12.1 > Symantec Endpoint Protection 11.x Small Business Edition

Employees of an accounting company often take their notebooks to customer sites. The administrator needs to apply a different firewall policy when the notebooks are disconnected from the accounting company's network. What must the administrator configure to use the two different policies?

A. Groups

B. Domains

C. Sites

D. Locations

A company deploys Symantec Endpoint Protection client to its sales staff who travel across the country. Which deployment method should the company use to notify its sales staff to install the client?

A. Push mode

B. Client Deployment Wizard

C. Pull mode

D. Unmanaged Detector

An administrator reports that the Home, Monitors, and Report pages are absent in the Symantec Endpoint Protection Management console when the administrator logs on. Which action should the administrator perform to correct the problem?

A. configure proxy settings for each server in the site

B. configure External Logging to Enable Transmission of Logs to a Syslog Server

C. grant the Administrator Full Access to Root group of the organization

D. grant View Reports permission to the administrator

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.

What is the most likely reason?

A. The block rule is below the blue line.

B. The server has an IPS exception for that traffic.

C. Peer-to-peer authentication is allowing the traffic.

D. The server is in the IPS policy excluded hosts list.

Which two criteria could be used to define Location Awareness for the Symantec Endpoint Protection (SEP) client? (Choose two.)

A. geographic location

B. NIC description

C. SEP domain

D. Network Speed

E. WINS server

An organization has several remote locations with minimum bandwidth and would like to use a content distribution method that does NOT involve configuring an internal LiveUpdate server. What content distribution method should be utilized?

A. Intelligent Updater

B. Management Server

C. External LiveUpdate

D. Group Update Provider

An organization created the following locations for their endpoint:

Internet (for remote user with no VPN)

VPN (remote users connected to the corporate network)

LAN Ethernet

LAN Wifi

The corporate network and VPN users have internet traffic filtered through a Content Analysis Appliance and a Next-Gen Firewall.

Which location is the most exposed to malicious downloads and needs a higher security posture in the Virus and Spyware protection policy?

A. Internet

B. LAN Wifi

C. LAN Ethernet

D. VPN

An organization created a rule in the Application and Device Control policy to block peer-to-peer applications. What two other protection technologies can block and log such unauthorized application? (Choose two.)

A. Memory Exploit Mitigation

B. Virus and Spyware Protection

C. Custom IPS Signatures

D. Host Integrity

E. Firewall

An organization has a small group of servers with large drive volumes.

What setting in the Virus and Spyware Protection policy can the organization utilize when scheduling scans on these servers?

A. Use resumable scans

B. Use Shared Insight Cache

C. Adjust Auto Protect Settings

D. Randomize scheduled scans

Which content distribution method can distribute content to all client types and provides validation scheduling?

A. Group Update Provider

B. Internal LiveUpdate

C. Intelligent Updater

D. Management Server