250-315 Exam Questions
271 real 250-315 exam questions with expert-verified answers and explanations. Page 1 of 6.
- Question #1
Which two Symantec Endpoint Protection components are used to distribute content updates? (Select two.)
- Question #2
What is a valid Symantec Endpoint Protection (SEP) single site design?
- Question #3
Where can an administrator obtain the Sylink.xml file?
- Question #4
An administrator is unable to delete a location. What is the likely cause?
- Question #5
Which two are policy types within the Symantec Endpoint Protection Manager? (Select two.)
- Question #6
An organization employs laptop users who travel frequently. The organization needs to acquire log data from these Symantec Endpoint Protection clients periodically. This must happe...
- Question #7
A large software company runs a small engineering department that is remotely located over a slow WAN connection. Which option should the company use to install an exported Symante...
- Question #8
A company deploys Symantec Endpoint Protection client to its sales staff who travel across the country. Which deployment method should the company use to notify its sales staff to...
- Question #9
Refer to the exhibit. An administrator uses the search criteria displayed in the exhibit. Which results are returned from the query?
- Question #10
A company deploys Symantec Endpoint Protection (SEP) to 50 virtual machines running on a single ESXi host. Which configuration change can the administrator make to minimize sudden...
- Question #11
A company has 10,000 Symantec Endpoint Protection (SEP) clients deployed using two Symantec Endpoint Protection Managers (SEPMs). Which configuration is recommended to ensure that...
- Question #12
A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list. Which mechanism does the SEP client use to select an...
- Question #13
Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?
- Question #14
Which action does the Shared Insight Cache (SIC) server take when the whitelist reaches maximum capacity?
- Question #15
Which policy should an administrator modify to enable Virtual Image Exception (VIE) functionality?
- Question #16
The LiveUpdate Download Schedule is set to the default on the Symantec Endpoint Protection Manager (SEPM). How many content revisions must the SEPM keep to ensure clients that chec...
- Question #17
Which setting can an administrator configure in the LiveUpdate Policy?
- Question #18
Which ports on the company firewall must an administrator open to avoid problems when connecting to Symantec Public LiveUpdate servers?
- Question #19
An administrator needs to add an Application Exception. When the administrator accesses the Application Exception dialog window, applications fail to appear. What is the likely pro...
- Question #20
A company uses a remote administration tool that is detected and quarantined by Symantec Endpoint Protection (SEP). Which step can an administrator perform to continue using the re...
- Question #21
Which command attempts to find the name of the drive in the private region and to match it to a disk media record that is missing a disk access record?
- Question #22
A company receives a high number of reports from users that files being downloaded from internal web servers are blocked. The Symantec Endpoint Protection administrator verifies th...
- Question #23
Which action should an administrator take to prevent users from using Windows Security Center?
- Question #24
An administrator configures the scan duration for a scheduled scan. The scan fails to complete in the specified time period. When will the next scheduled scan occur on the computer...
- Question #25
A Symantec Endpoint Protection (SEP) administrator receives multiple reports that machines are experiencing performance issues. The administrator discovers that the reports happen...
- Question #26
An administrator needs to increase the access speed for client files that are stored on a file server. Which configuration should the administrator review to address the read speed...
- Question #27
What are two criteria that Symantec Insight uses to evaluate binary executables? (Select two.)
- Question #28
How are Insight results stored?
- Question #29
Which two options are available when configuring DNS change detected for SONAR? (Select two.)
- Question #30
Refer to the exhibit. In the use case displayed in the exhibit, why is Notepad unable to save the changes to this file?
- Question #31
An administrator selects the Backup files before attempting to repair the Remediations option in the Auto-Protect policies. Which two actions occur when a virus is detected? (Selec...
- Question #32
In the virus and Spyware Protection policy, an administrator sets the First action to Clean risk and sets If first action fails to Delete risk. Which two factors should the adminis...
- Question #33
A threat was detected by Auto-Protect on a client system. Which command can an administrator run to determine whether additional threats exist?
- Question #34
A company has an application that requires network traffic in both directions to multiple systems at a specific external domain. A firewall rule was created to allow traffic to and...
- Question #35
A Symantec Endpoint Protection administrator must block traffic from an attacking computer for a specific time period. Where should the administrator adjust the time to block the a...
- Question #36
A user is unknowingly about to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the cli...
- Question #37
A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team info...
- Question #38
A Symantec Endpoint Protection administrator needs to prevent users from modifying files in a specific program folder that is on all client machines. What does the administrator ne...
- Question #39
A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least...
- Question #40
Which two criteria can an administrator use to determine hosts in a host group? (Select two.)
- Question #41
What is an appropriate use of a file fingerprint list?
- Question #42
When can an administrator add a new replication partner?
- Question #43
An administrator is re-adding an existing Replication Partner to the local Symantec Endpoint Protection Manager site. Which two parameters are required to re-establish this replica...
- Question #44
Which task is unavailable for administrative accounts that authenticate using RSA SecurID Authentication?
- Question #45
Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)
- Question #46
A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup. In which file should the SEP administrator add "scm.agent.groupcreation=...
- Question #47
Catastrophic hardware failure has occurred on a single Symantec Endpoint Protection Manager (SEPM) in an environment with two SEPMs. What is the quickest way an administrator can r...
- Question #48
Which protection technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?
- Question #49
Which protection engine should be enabled to drop malicious vulnerability scans against a client system?
- Question #50
What is a function of Symantec Insight?