Certbus > Symantec > Symantec Certifications > 250-428 > 250-428 Online Practice Questions and Answers

250-428 Online Practice Questions and Answers

Questions 4

A company has an application that requires network traffic in both directions to multiple systems at a specific external domain. A firewall rule was created to allow traffic to and from the external domain, but the rule is blocking incoming traffic. What should an administrator enable in the firewall policy to allow this traffic?

A. TCP resequencing

B. Smart DHCP

C. Reverse DNS Lookup

D. Smart WINS

Browse 165 Q&As
Questions 5

How are Insight results stored?

A. Encrypted on the Symantec Endpoint Protection Manager

B. Unencrypted on the Symantec Endpoint Protection Manager

C. Encrypted on the Symantec Endpoint Protection Client

D. Unencrypted on the Symantec Endpoint Protection Client

Browse 165 Q&As
Questions 6

Where in the Symantec Endpoint Protection (SEP) management console will a SEP administrator find the option to allow all users to enable and disable the client firewall?

A. Client User Interface Control Settings

B. Overview in Firewall Policy

C. Settings in Intrusion Prevention Policy

D. System Lockdown in Group Policy

Browse 165 Q&As
Questions 7

A Symantec Endpoint Protection (SEP) administrator receives multiple reports that machines are experiencing performance issues. The administrator discovers that the reports happen about the same time as the scheduled LiveUpdate.

Which setting should the SEP administrator configure to minimize I/O when LiveUpdate occurs?

A. Change the LiveUpdate schedule

B. Change the Administrator-defined scan schedule

C. Disable Allow user-defined scans to run when the scan author is logged off

D. Disable Run an Active Scan when new definitions arrive

Browse 165 Q&As
Questions 8

What is a supported migration path for Symantec Endpoint Protection?

A. Symantec Endpoint Protection Enterprise Edition 12.1 > Symantec Endpoint Protection Small Business Edition 12.1

B. Symantec Endpoint Protection Small Business Edition 12.1 > Symantec Endpoint Protection Enterprise Edition 12.1

C. Symantec Endpoint Protection 12.1 Enterprise Edition > Symantec Endpoint Protection 11.x Enterprise Edition

D. Symantec Endpoint Protection Small Business Edition 12.1 > Symantec Endpoint Protection 11.x Small Business Edition

Browse 165 Q&As
Questions 9

Employees of an accounting company often take their notebooks to customer sites. The administrator needs to apply a different firewall policy when the notebooks are disconnected from the accounting company's network. What must the administrator configure to use the two different policies?

A. Groups

B. Domains

C. Sites

D. Locations

Browse 165 Q&As
Questions 10

A company deploys Symantec Endpoint Protection client to its sales staff who travel across the country. Which deployment method should the company use to notify its sales staff to install the client?

A. Push mode

B. Client Deployment Wizard

C. Pull mode

D. Unmanaged Detector

Browse 165 Q&As
Questions 11

An administrator reports that the Home, Monitors, and Report pages are absent in the Symantec Endpoint Protection Management console when the administrator logs on. Which action should the administrator perform to correct the problem?

A. configure proxy settings for each server in the site

B. configure External Logging to Enable Transmission of Logs to a Syslog Server

C. grant the Administrator Full Access to Root group of the organization

D. grant View Reports permission to the administrator

Browse 165 Q&As
Questions 12

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.

What is the most likely reason?

A. The block rule is below the blue line.

B. The server has an IPS exception for that traffic.

C. Peer-to-peer authentication is allowing the traffic.

D. The server is in the IPS policy excluded hosts list.

Browse 165 Q&As
Questions 13

Which two criteria could be used to define Location Awareness for the Symantec Endpoint Protection (SEP) client? (Choose two.)

A. geographic location

B. NIC description

C. SEP domain

D. Network Speed

E. WINS server

Browse 165 Q&As
Questions 14

An organization has several remote locations with minimum bandwidth and would like to use a content distribution method that does NOT involve configuring an internal LiveUpdate server. What content distribution method should be utilized?

A. Intelligent Updater

B. Management Server

C. External LiveUpdate

D. Group Update Provider

Browse 165 Q&As
Questions 15

An organization created the following locations for their endpoint:

Internet (for remote user with no VPN)

VPN (remote users connected to the corporate network)

LAN Ethernet

LAN Wifi

The corporate network and VPN users have internet traffic filtered through a Content Analysis Appliance and a Next-Gen Firewall.

Which location is the most exposed to malicious downloads and needs a higher security posture in the Virus and Spyware protection policy?

A. Internet

B. LAN Wifi

C. LAN Ethernet

D. VPN

Browse 165 Q&As
Questions 16

An organization created a rule in the Application and Device Control policy to block peer-to-peer applications. What two other protection technologies can block and log such unauthorized application? (Choose two.)

A. Memory Exploit Mitigation

B. Virus and Spyware Protection

C. Custom IPS Signatures

D. Host Integrity

E. Firewall

Browse 165 Q&As
Questions 17

An organization has a small group of servers with large drive volumes.

What setting in the Virus and Spyware Protection policy can the organization utilize when scheduling scans on these servers?

A. Use resumable scans

B. Use Shared Insight Cache

C. Adjust Auto Protect Settings

D. Randomize scheduled scans

Browse 165 Q&As
Questions 18

Which content distribution method can distribute content to all client types and provides validation scheduling?

A. Group Update Provider

B. Internal LiveUpdate

C. Intelligent Updater

D. Management Server

Browse 165 Q&As
Exam Code: 250-428
Exam Name: Administration of Symantec Endpoint Protection 14
Last Update: Mar 16, 2025
Questions: 165 Q&As

PDF

$49.99

VCE

$55.99

PDF + VCE

$65.99