250-428 Symantec Administration of Symantec Endpoint Protection 14 Free Practice Exam Questions (2025 Updated)

Page: 1 / 2
Total 135 questions

What Symantec Best Practice is recommended when setting up Active Directory integration with the Symantec Endpoint Protection Manager?

A. Link the built-in Admin account to an Active Directory account.
B. Ensure there is more than one Active Directory Server listed in the Server Properties.
C. Secure the management console by denying access to certain computers.
D. Import the existing AD structure to organize clients in user mode.

A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list.

Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?

A. The client chooses the next server alphabetically by server name.
B. The client chooses another server alphabetically in the list randomly.
C. The client chooses a server with the next highest IP address.
D. The client chooses a server based on the lowest server load.

What does SONAR use to reduce false positives?

A. Virus and Spyware definitions
B. Extended File Attributes (EFA) table
C. File Fingerprint list
D. Symantec Insight

A Symantec Endpoint Protection administrator needs to comply with a service level agreement stipulating that all definitions must be internally quality assurance tested before being deployed to customers.

Which step should the administrator take?

A. install a LiveUpdate Administrator Server
B. install a Shared Insight Cache Server
C. install a Group Update Provider (GUP) to the existing site
D. install a Symantec Protection Center

An organization is troubleshooting a false positive detection with the WS.Reputation.1 signature on an unmanaged SEP client.

What are the steps to create an exclusion on the unmanaged SEP client?

A. In the Symantec Endpoint Protection Client, click on View Logs and select Virus and Spyware Protection -> View Logs. Open the Risk Log and select the log entry for the false positive. Click Export.
B. In the Symantec Endpoint Protection Client, click on Change Settings and select Exceptions -> Configure Settings. Choose Add and select SONAR Exception.
C. In the Symantec Endpoint Protection Client, click on Change Settings and select Exceptions -> Configure Settings. Choose Add and select Security Exception.
D. In the Symantec Endpoint Protection Client, click on Change Settings and select Exceptions -> Configure Settings. Choose Add and select Application Exception.

What is the file scan workflow order when Shared Insight Cache and reputation are enabled?

A. Symantec Insight > Shared Insight Cache server > local client Insight cache
B. Local client Insight cache > Shared Insight Cache server > Symantec Insight
C. Shared Insight Cache server > local client Insight cache > Symantec Insight
D. Local client Insight cache > Symantec Insight > Shared Insight Cache server

A company plans to install six Symantec Endpoint Protection Managers (SEPMs) spread evenly across two sites. The administrator needs to direct replication activity to SEPM3 server in Site 1 and SEPM4 in Site 2.

Which two actions should the administrator take to direct replication activity to SEPM3 and SEPM4? (Select two.)

A. Install the SQL Server databases on SEPM3 and SEPM4
B. Ensure SEPM3 and SEPM4 are in the same time zone
C. Ensure SEPM3 and SEPM4 are defined as remote servers in the replication partner configuration
D. Install SEPM3 and SEPM4 after the other SEPMs
E. Ensure SEPM3 and SEPM4 are defined as the top priority server in the Site Settings

Which action does the Shared Insight Cache (SIC) server take when the whitelist reaches maximum capacity?

A. The SIC server allocates additional memory for the whitelist as needed.
B. The SIC server will start writing the cache to disk.
C. The SIC server will remove the least recently used items based on the prune size.
D. The SIC server will remove items with the fewest number of votes.

An administrator is responsible for the Symantec Endpoint Protection architecture of a large, multi-national company with three regionalized data centers. The administrator needs to collect data from clients; however, the collected data must stay in the local regional data center. Communication between the regional data centers is allowed 20 hours a day.

How should the administrator architect this organization?

A. Set up 3 domains
B. Set up 3 sites
C. Set up 3 groups
D. Set up 3 locations

An administrator is re-adding an existing Replication Partner to the local Symantec Endpoint Protection Manager site.

Which two parameters are required to re-establish this replication partnership? (Select two.)

A. Remote site Encryption Password
B. Remote server IP Address and port
C. Remote SQL database account credentials
D. Remote server Administrator credentials
E. Remote site Domain ID

Which policy should an administrator modify to enable Virtual Image Exception (VIE) functionality?

A. Host Integrity Policy
B. Exceptions Policy
C. Virus and Spyware Protection Policy
D. Application and Device Control Policy

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.

What is the likely cause of the problem?

A. The application has been upgraded.
B. The Application and Device Control policy is in test mode.
C. A file exception has been added to the Exceptions policy.
D. The Application and Device Control policy is allowing the file to execute.

An administrator plans to implement a multi-site Symantec Endpoint Protection (SEP) deployment. The administrator needs to determine whether replication is viable without needing to make network firewall changes or change defaults in SEP.

Which port should the administrator verify is open on the path of communication between the two proposed sites?

A. 1433
B. 2967
C. 8014
D. 8443

Where can an administrator obtain the Sylink.xml file?

A. C:\Program Files\Symantec\Symantec Endpoint Protection\ folder on the client
B. C:\Program Files\Symantec\Symantec Endpoint Protection\Manager\data\inbox\agent\ folder on the Symantec Endpoint Protection Manager
C. by selecting the client group and exporting the communication settings in the Symantec Endpoint Protection Manager Console
D. by selecting the location and exporting the communication settings in the Symantec Endpoint Protection Manager Console

When can an administrator add a new replication partner?

A. immediately following the first LiveUpdate session of the new site
B. during a Symantec Endpoint Protection Manager upgrade
C. during the initial install of the new site
D. immediately following a successful Active Directory sync

Which client log shows that a client is downloading content from its designated source?

A. Log.LiveUpdate
B. System Log
C. Risk Log
D. SesmLu.log

An administrator selects the "Backup files before attempting to repair" option under Remediations in the Auto-Protect policies.

Which two actions occur when a virus is detected? (Select two.)

A. replace the file with a place holder
B. check the reputation
C. store in Quarantine folder
D. send the file to Symantec Insight
E. encrypt the file

You have executed the vxdg -g diskgroup adddisk disk_name= command.

Which switch needs to be added to force VxVM to take the disk media name of the failed disk and assign it to the new replacement disk?

A. -force
B. -k
C. -f
D. -assign

Which two options are supported Symantec Endpoint Manager authentication types? (Select two.)

A. Network Access Control
B. Biometrics
C. RSA SecurID
D. MS-CHAP
E. Microsoft Active Directory

A company has an application that requires network traffic in both directions to multiple systems at a specific external domain. A firewall rule was created to allow traffic to and from the external domain, but the rule is blocking incoming traffic.

What should an administrator enable in the firewall policy to allow this traffic?

A. TCP resequencing
B. Smart DHCP
C. Reverse DNS Lookup
D. Smart WINS
