Broadcom 250-428 Exam Practice Test Instant Access

Question 1

A company plans to install six Symantec Endpoint Protection Managers (SEPMs) spread evenly across two sites. The administrator needs to direct replication activity to SEPM3 server in Site 1 and SEPM4 in Site 2.

Which two actions should the administrator take to direct replication activity to SEPM3 and SEPM4? (Select two.)

AInstall the SQL Server databases on SEPM3 and SEPM4

BEnsure SEPM3 and SEPM4 are in the same time zone

CEnsure SEPM3 and SEPM4 are defined as remote servers in the replication partner configuration

DInstall SEPM3 and SEPM4 after the other SEPMs

EEnsure SEPM3 and SEPM4 are defined as the top priority server in in the Site Settings

Answer : C, E

Question 2

In the virus and Spyware Protection policy, an administrator sets the First action to Clean risk and sets If first action fails to Delete risk.

Which two factors should the administrator consider? (Select two.)

AThe deleted file may still be in the Recycle Bin.

BIT Analytics may keep a copy of the file for investigation.

CFalse positives may delete legitimate files.

DInsight may back up the file before sending it to Symantec.

EA copy of the threat may still be in the quarantine.

Answer : C, E

Question 3

Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?

ADownload randomization

BHeartbeat interval

CLiveUpdate scheduling frequency

DReconnection preferences

Answer : D

Question 4

An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems apply the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled on the client system.

Which action should the administrator take to ensure that the desired setting is in place on the client?

ARestart the client system.

BEnable the padlock next to the setting in the policy.

CRun a command on the computer to Update Content

DWithdraw the Virus and Spyware Protection policy

Answer : B

Question 5

Which two criteria are used by Symantec Insight to evaluate binary executables? (Select two.)

AAge

BPrevalence

CSensitivity

DConfidentiality

EContent

Answer : A, B

Question 6

Which option is a function of the Symantec Endpoint Protection client?

ASends and receives application reputation ratings from LiveUpdate

BUploads logs to the Shared Insight Cache

CDownloads virus content updates from Symantec Insight

DProvides a Lotus Notes email scanner

Answer : D

References: https://support.symantec.com/en_US/article.TECH95093.html

Question 7

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.

What is the likely cause of the problem?

AThe application has been upgraded.

BThe Application and Device Control policy is in test mode.

CA file exception has been added to the Exceptions policy.

DThe Application and Device Control policy is allowing the file to execute.

Answer : A

Broadcom Symantec Endpoint Protection 14 Technical Specialist 250-428 Exam Practice Test