
2018 CertQueen 250-428 Questions and Answers

250-428 questions and answers from CertQueen are valid in your preparation.

wirygnrhd


https://www.certqueen.com/250-428.html

FREE Dumps for Symantec 250-428 Exam

1. After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked the default admin account. An administrator needs to make system changes as soon as possible to address an outbreak, but the admin account is the only account. Which action should the administrator take to correct the problem with minimal impact to the existing environment?
A. Wait 15 minutes and attempt to log on again
B. Restore the SEPM from a backup
C. Run the Management Server and Configuration Wizard to reconfigure the server
D. Reinstall the SEPM
Answer: A
Explanation: https://support.symantec.com/en_US/article.HOWTO80757.html

2. In which two areas can host groups be used? (Select two.)
A. Locations
B. Download Insight
C. IPS
D. Application and Device Control
E. Firewall
Answer: C, E

3. Which Symantec Endpoint Protection technology blocks a downloaded program from installing browser plugins?
A. Intrusion Prevention
B. SONAR
C. Tamper Protection
D. Application and Device Control
Answer: D

4. Which Symantec Endpoint Protection defense mechanism provides protection against threats that propagate from system to system through the use of autorun.inf files?
A. Host Integrity
B. SONAR
C. Application and Device Control
D. Emulator
Answer: C

5. An administrator uses the search criteria displayed in the image below. Which results are returned from the query?
A. Only VMware Servers in the Default Group
B. All Windows 2012 Servers in the Default Group
C. Only Windows 2012 Servers that are Virtualized in the Default Group
D. All Windows 2012 Servers and all Virtualized Servers in the Default Group
Answer: D

6. Which action should an administrator take to prevent users from using Windows Security Center?
A. Set Disable antivirus alert within Windows Security Center to Disable
B. Set Disable Windows Security Center to Always
C. Set Disable Windows Security Center to Disable
D. Set Disable antivirus alert within Windows Security Center to Never
Answer: B

7. Which two options are supported Symantec Endpoint Manager authentication types? (Select two.)
A. Microsoft Active Directory
B. MS-CHAP
C. RSA SecurID
D. Biometrics
E. Network Access Control
Answer: A, C

8. A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list. Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?
A. The client chooses another server in the list randomly.
B. The client chooses a server based on the lowest server load.
C. The client chooses a server with the next highest IP address.
D. The client chooses the next server alphabetically by server name.
Answer: A

9. A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process. What is the most likely reason?
A. The block rule is below the blue line.
B. The server has an IPS exception for that traffic.
C. Peer-to-peer authentication is allowing the traffic.
D. The server is in the IPS policy excluded hosts list.
Answer: D

10. Which setting can an administrator configure in the LiveUpdate Policy?
A. specific content revision to download from a Group Update Provider (GUP)
B. specific content policies to download
C. Linux Settings
D. frequency to download content
Answer: D

11. A Symantec Endpoint Protection Manager (SEPM) administrator notices performance issues with the SEPM server. The Client tab becomes unresponsive in the SEPM console and .DAT files accumulate in the "agentinfo" folder. Which tool should the administrator use to gather log files to submit to Symantec Technical Support?
A. collectLog.cmd
B. LogExport.exe
C. ExportLog.vbs
D. smc.exe
Answer: A

12. Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)
A. Application Learning can generate increased false positives.
B. Application Learning should be deployed on a small group of systems in the enterprise.
C. Application Learning can generate significant CPU or memory use on a Symantec Endpoint Protection Manager.
D. Application Learning requires a file fingerprint list to be created in advance.
E. Application Learning is dependent on Insight.
Answer: B, C

13. Which task should an administrator perform to troubleshoot operation of the Symantec Endpoint Protection embedded database?
A. verify that dbsrv11.exe is listening on port 2638
B. check whether the MSSQLSERVER service is running
C. verify the sqlserver.exe service is running on port 1433
D. check the database transaction logs in X:\Program Files\Microsoft SQL server
Answer: A

14. An administrator changes the Virus and Spyware Protection policy for a specific group to disable Auto-Protect. The administrator assigns the policy and the client systems apply the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled on the client system. Which action should the administrator take to ensure that the desired setting is in place on the client?
A. Restart the client system
B. Run a command on the computer to Update Content
C. Enable the padlock next to the setting in the policy
D. Withdraw the Virus and Spyware Protection policy
Answer: C

15. What does SONAR use to reduce false positives?
A. Virus and Spyware definitions
B. File Fingerprint list
C. Symantec Insight
D. Extended File Attributes (EFA) table
Answer: C

16. What is a characteristic of a Symantec Endpoint Protection (SEP) domain?
A. Each domain has its own management server and database.
B. Every administrator from one domain can view data in other domains.
C. Data for each domain is stored in its own separate SEP database.
D. Domains share the same management server and database.
Answer: D

17. An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat. Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?
A. Risk log
B. Computer Status report
C. Notifications
D. Infected and At Risk Computers report
Answer: A

18. An administrator reports that the Home, Monitors, and Report pages are absent in the Symantec Endpoint Protection Management console when the administrator logs on. Which action should the administrator perform to correct the problem?
A. configure proxy settings for each server in the site
B. configure External Logging to Enable Transmission of Logs to a Syslog Server
C. grant the Administrator Full Access to Root group of the organization
D. grant View Reports permission to the administrator
Answer: D

19. An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs. Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)
A. Risk Tracer
B. Terminate Processes Automatically
C. Early Launch Anti-Malware Driver
D. Stop Service Automatically
E. Stop and Reload AutoProtect
Answer: B, D

20. A company deploys Symantec Endpoint Protection (SEP) to 50 virtual machines running on a single ESXi host. Which configuration change can the administrator make to minimize sudden IOPS impact on the ESXi server while each SEP endpoint communicates with the Symantec Endpoint Protection Manager?
A. increase Download Insight sensitivity level
B. reduce the heartbeat interval
C. increase download randomization window
D. reduce number of content revisions to keep
Answer: C
