Broadcom 250-428 Exam Practice Test Instant Access

Question 1

What two (2) steps should an administrator take to troubleshoot firewall with the Symantec Endpoint Protection client (Select two.)

ADisable the Symantec Endpoint Protection client and reproduce the issue.

BAdd an 'Allow AH' traffic rule to the assigned firewall policy and reproduce the issue.

CCreate an exclusion in the Exceptions policy and reproduce the issue.

DWithdraw the assigned firewall policy and reproduce the issue.

EEnable TSE debug on the Symantec Endpoint Protect client and reproduce the issue.

Answer : A, B

Question 2

What Symantec Best Practice is recommended when setting up Active Directory integration with the Symantec Endpoint protection Manager?

ALink the built-in Admin account to an Active Directory account.

BEnsure there is more than one Active Directory Server listed in the Server Properties.

CSecure the management console by denying access to certain computers.

DImport the existing AD structure to organize clients in user mode.

Answer : A

Question 3

What is the difference between a shared and non-shared policy?

AShared policies can be edited and replaced for all groups and locations that use it. A non-shared policy is unique to a specific group or location.

BShared policies are replicated to a Replication Partner. A non-shared policy is specific to a local SEPM site.

CShared policies are used in Production. A non-shared policy is used in test and only work in Log Only mode.

DShared policies are unique for a specific group and location. A nonshared policy can be edited and replaced for all groups and locations that use it.

Answer : D

Question 4

An organization deployed a client install package with incorrect group settings to a set of endpoints.

How can the organization ensure the client is NOT automatically added to the incorrect group upon check-in?

ARun the Move Clients utility.

BEnable Block New Clients in the Group properties.

CAdd a new subgroup under the incorrect group.

DCreate a Location that will move the clients automatically to the correct group.

Answer : A

Question 5

An organization is troubleshooting a false positive detection with WS.Respulation.1 Signature on an unmanaged SEP client.

What are the steps to create an exclusion on the unmanaged SEP Client?

AIn the Symantec Endpoint Protection Client, click on View logs and select Virus And SEP ware Protection -> View Logs> Open the Risk Log and Select the log entry for the false positive. Click Export.

BIn the Symantec Endpoint Protection Client, client on Change Settings and select Exceptions -> Configure Settings. Choose Add and select SONAR Exception.

CIn the Symantec Endpoint Protection Client, client on Change Settings and selects Exceptions -> Configure Settings. Choose Add and select Security Exception.

DIn the Symantec Endpoint Protection Client, client on Change Settings and select Exceptions -> Configure Settings. Choose Add and select Application Exception.

Answer : D

Question 6

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.

What is the likely cause of the problem?

AThe application has been upgraded.

BThe Application and Device Control policy is in test mode.

CA file exception has been added to the Exceptions policy.

DThe Application and Device Control policy is allowing the file to execute.

Answer : A

Question 7

A Symantec Endpoint Protection administrator needs to prevent users from modifying files in a specific program folder that is on all client machines.

What does the administrator need to configure?

Aa file and folder exception in the Exception policy

Ban application rule set in the Application and Device Control policy

Ca file fingerprint list and System Lockdown

Dthe Tamper Protection settings for the client folder

Answer : B

Broadcom 250-428 Symantec Endpoint Protection 14 Technical Specialist Exam Practice Test