250-315 Online Practice Questions and Answers

Which two Symantec Endpoint Protection components are used to distribute content updates? (Select two.)

A. Group Update Provider (GUP)

B. Shared Insight Cache Server

C. Symantec Protection Center

D. Symantec Endpoint Protection Manager

E. Symantec Insight Database

An organization employs laptop users who travel frequently. The organization needs to acquire log data from these Symantec Endpoint Protection clients periodically. This must happen without the use of a VPN.

Internet routable traffic should be allowed to and from which component?

A. Group Update Provider (GUP)

B. LiveUpdate Administrator Server (LUA)

C. Symantec Endpoint Protection Manager (SEPM)

D. IT Analytics Server (ITA)

Which two items should an administrator enter in the License Activation Wizard to activate a license? (Select two.)

A. password for the Symantec Licensing Site

B. purchase order number

C. serial number

D. Symantec License file

E. credit card number

Which two criteria should an administrator use when defining Location Awareness for the Symantec Endpoint Protection (SEP) client? (Select two.)

A. NIC description

B. SEP domain

C. geographic location

D. WINS server

E. Network Speed

A Symantec Endpoint Protection (SEP) administrator is remotely deploying SEP clients, but the clients are failing to install on Windows XP.

What are two possible reasons for preventing installation? (Select two.)

A. Windows firewall is enabled.

B. Internet Connection firewall is disabled.

C. Administrative file shares are enabled.

D. Simple file sharing is enabled.

E. Clients are configured for DHCP.

The LiveUpdate Download Schedule is set to the default on the Symantec Endpoint Protection Manager (SEPM).

How many content revisions must the SEPM keep to ensure clients that check in to the SEPM every 10 days receive xdelta content packages instead of full content packages?

A. 10

B. 20

C. 30

D. 60

A company receives a high number of reports from users that files being downloaded from internal web servers are blocked. The Symantec Endpoint Protection administrator verifies that the Automatically trust any file downloaded from an intranet website option is enabled.

Which configuration can cause Insight to block the files being downloaded from the internal web servers?

A. Intrusion Prevention is disabled.

B. Local intranet zone is configured incorrectly on the Windows clients browser settings.

C. Local intranet zone is configured incorrectly on the Mac clients browser settings.

D. Virus and Spyware Definitions are out of date.

A Symantec Endpoint Protection administrator must block traffic from an attacking computer for a specific time period.

Where should the administrator adjust the time to block the attacking computer?

A. in the firewall policy, under Protection and Stealth

B. in the firewall policy, under Built in Rules

C. in the group policy, under External Communication Settings

D. in the group policy, under Communication Settings

A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.

What is the most likely reason?

A. The block rule is below the blue line.

B. The server has an IPS exception for that traffic.

C. Peer-to-peer authentication is allowing the traffic.

D. The server is in the IPS policy excluded hosts list.

When can an administrator add a new replication partner?

A. immediately following the first LiveUpdate session of the new site

B. during a Symantec Endpoint Protection Manager upgrade

C. during the initial install of the new site

D. immediately following a successful Active Directory sync

Which task is unavailable for administrative accounts that authenticate using RSA SecurID Authentication?

A. reset forgotten passwords

B. import organizational units (OU) from Active Directory

C. configure external logging

D. enable Session Based Authentication with Web Services

Refer to the exhibit.

Which settings can impact the Files trusted count?

A. SONAR settings in the Virus and Spyware Protection policy

B. System Lockdown Whitelist in the Application and Device Control policy

C. Insight settings in the Virus and Spyware Protection policy

D. File Cache settings in the Virus and Spyware Protection policy

Which action does SONAR take before convicting a process?

A. quarantines the process

B. blocks suspicious behavior

C. reboots the system

D. checks the reputation of the process

Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?

A. decreasing the number of content revisions to keep

B. lowering the client installation log entries

C. rebuilding database indexes

D. limiting the number of backups to keep

Refer to the exhibit.

An administrator has configured the Symantec Endpoint Protection Manager (SEPM) to use Active Directory authentication. The administrator defines a new Symantec Endpoint Protection administrator named Sep_SysAdmin, configured to use Directory Authentication.

Which password needs to be entered when the administrator logs in to the SEPM console as Sep_SysAdmin?

A. The password for the Active Directory account Nova_Grant

B. The password for the SEPM account Nova_Grant

C. The password for the Active Directory account Sep_SysAdmin

D. The password for the SEPM account Sep_SysAdmin