250-428 Administration of Symantec Endpoint Protection 14 Questions and Answers

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.

What is the likely cause of the problem?

When can an administrator add a new replication partner?

An administrator is unable to delete a location.

What is the likely cause?

Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?

In addition to performance improvements, which two benefits does Insight provide? (Select two.)

A company needs to configure an Application and Device Control policy to block read/write access to all USB removable media on its Symantec Endpoint Protection (SEP) systems.

Which tool should an administrator use to format the GUID and device IDs as required by SEP?

Which command attempts to find the name of the drive in the private region and to match it to a disk media record that is missing a disk access record?

Which action should an administrator take to prevent users from using Windows Security Center?

An administrator is troubleshooting a Symantec Endpoint Protection (SEP) replication.

Which component log should the administrator check to determine whether the communication between the two sites is working correctly?

Which two items should an administrator enter in the License Activation Wizard to activate a license? (Select two.)

A Symantec Endpoint Protection (SEP) administrator is remotely deploying SEP clients, but the clients are failing to install on Windows XP.

What are two possible reasons for preventing installation? (Select two.)

A company uses a remote administration tool that is detected and quarantined by Symantec Endpoint Protection (SEP).

Which step can an administrator perform to continue using the remote administration tool without detection by SEP?

Employees of an accounting company often take their notebooks to customer sites. The administrator needs to apply a different firewall policy when the notebooks are disconnected from the accounting company's network.

What must the administrator configure to use the two different policies?

Which protection technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?

An administrator uses ClientSideClonePrepTool to clone systems and virtual machine deployment. What will the tool do when it is run on each system?

You have just started a relayout operation in a live test environment, and you want to limit the impact of your work on concurrent testing activities. You also want to accommodate the need to constrain a relayout job’s performance impact on concurrent activities.

What would you do to perform this task?

Which two options are supported Symantec Endpoint Manager authentication types? (Select two.)