Ensurepass

QUESTION 31

A company uses a remote administration tool that is detected and quarantined by Symantec Endpoint Protection (SEP). Which step can an administrator perform to continue using the remote administration tool without detection by SEP?

 

A.

create a Tamper Protect exception for the tool

B.

create an Application to Monitor exception for the tool

C.

create a Known Risk exception for the tool

D.

create a SONAR exception for the tool

 

Correct Answer: C

 

 

QUESTION 32

Catastrophic hardware failure has occurred on a single Symantec Endpoint Protection Manager (SEPM) in an environment with two SEPMs. What is the quickest way an administrator can restore the environment to its original state?

 

A.

build a new site and configure replication with the still functioning SEPM

B.

install a new SEPM into the existing site

C.

clone the still functioning SEPM and change the server.properties file

D.

reinstall the entire SEPM environment

 

Correct Answer: B

 

 

QUESTION 33

An administrator is unable to delete a location. What is the likely cause?

 

A.

The location currently contains clients.

B.

Criteria is defined within the location.

C.

The administrator has client control enabled.

D.

The location is currently assigned as the default location.

 

Correct Answer: D

 

 

 

 

 

QUESTION 34

Which task is unavailable fo
r administrative accounts that authenticate using RSA SecurID Authentication?

 

A.

reset forgotten passwords

B.

import organizational units (OU) from Active Directory

C.

configure external logging

D.

enable Session Based Authentication with Web Services

 

Correct Answer: A

 

 

QUESTION 35

An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs. Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)

 

A.

Risk Tracer

B.

Terminate Processes Automatically

C.

Early Launch Anti-Malware Driver

D.

Stop Service Automatically

E.

Stop and Reload AutoProtect

 

Correct Answer: BD

 

 

QUESTION 36

Which protectio
n technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?

 

A.

Insight

B.

SONAR

C.

Risk Tracer

D.

Intrusion Prevention

 

Correct Answer: D

 

 

QUESTION 37

A company has 10,000 Symantec Endpoint Protection (SEP) clients deployed using two Symantec Endpoint Protection Managers (SEPMs). Which configuration is recommended to ensure that each SEPM is able to effectively handle the communications load with the SEP clients?

 

A.

Push mode

B.

Client control mode

C.

Server control mode

D.

Pull mode

 

Correct Answer: D

 

 

QUESTION 38

Administrators at a company share a single terminal for configuring Symantec Endpoint Protection. The administrators want to ensure that each administrator using the console is forced to authenticate using their individual credentials. They are concerned that administrators may forget to log off the terminal, which would easily allow others to gain access to the Symantec Endpoint Protection Manager (SEPM) console. Which setting should the administrator disable to minimize the risk of non-authorized users logging into the SEPM console?

 

A.

allow users to save credentials when logging on

B.

delete clients that have not connected for specified time

C.

lock account after the specified number of unsuccessful logon attempts

D.

allow administrators to reset the passwords

 

Correct Answer: A

 

 

QUESTION 39

In Symantec Endpoint Protection 12.1 Enterprise Edition, what happens when the license expires?

 

A.

LiveUpdate stops.

B.

Group Update Providers (GUP) stop.

C.

Symantec Insight is disabled.

D.

Content updates continue.

 

Correct Answer: D

 

 

QUESTION 40

A company plans to install six Symantec Endpoint Protection Managers (SEPMs) spread evenly across two sites. The administrator needs to direct replication activity to SEPM3 server in Site 1 and SEPM4 in Site 2. Which two actions should the administrator take to direct replication activity to SEPM3 and SEPM4? (Select two.)

 

A.

Install SEPM3 and SEPM4 after the other SEPMs

B.

Install the SQL Server databases on SEPM3 and SEPM4

C.

Ensure SEPM3 and SEPM4 are defined as the top priority server in the Site Settings

D.

Ensure SEPM3 and SEPM4 are defined as remote servers in the replication partner configuration

E.

Install IT Analytics on SEPM3 and SEPM4

 

Correct Answer: CD

 

Free VCE & PDF File for Symantec 250-315 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.