Administration of Symantec Endpoint Protection 12.1 v10.0

Page:    1 / 8   
Exam contains 119 questions

A company deploys Symantec Endpoint Protection client to its sales staff who travel across the country.
Which deployment method should the company use to notify its sales staff to install the client?

  • A. Push mode
  • B. Client Deployment Wizard
  • C. Pull mode
  • D. Unmanaged Detector


Answer : B

Refer to the exhibit.
An administrator uses the search criteria displayed in the exhibit.
Which results are returned from the query?

  • A. all Windows 2012 Servers in the Default Group
  • B. only VMware Servers in the Default Group
  • C. all Windows 2012 Servers and all Virtualized Servers in the Default Group
  • D. only Windows 2012 Servers that are Virtualized in the Default Group


Answer : D

A company deploys Symantec Endpoint Protection (SEP) to 50 virtual machines running on a single ESXi host.
Which configuration change can the administrator make to minimize sudden IOPS impact on the ESXi server while each SEP endpoint communicates with the Symantec Endpoint
Protection Manager?

  • A. increase Download Insight sensitivity level
  • B. reduce the heartbeat interval
  • C. increase download randomization window
  • D. reduce number of content revisions to keep


Answer : C

A company has 10,000 Symantec Endpoint Protection (SEP) clients deployed using two
Symantec Endpoint Protection Managers (SEPMs).
Which configuration is recommended to ensure that each SEPM is able to effectively handle the communications load with the SEP clients?

  • A. Push mode
  • B. Client control mode
  • C. Server control mode
  • D. Pull mode


Answer : D

A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list.
Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?

  • A. The client chooses another server in the list randomly.
  • B. The client chooses a server based on the lowest server load.
  • C. The client chooses a server with the next highest IP address.
  • D. The client chooses the next server alphabetically by server name.


Answer : A

Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?

  • A. Download randomization
  • B. Heartbeat interval
  • C. LiveUpdate scheduling frequency
  • D. Reconnection preferences


Answer : D

Which action does the Shared Insight Cache (SIC) server take when the whitelist reaches maximum capacity?

  • A. The SIC server allocates additional memory for the whitelist as needed.
  • B. The SIC server will start writing the cache to disk.
  • C. The SIC server will remove the least recently used items based on the prune size.
  • D. The SIC server will remove items with the fewest number of votes.


Answer : C

Which policy should an administrator modify to enable Virtual Image Exception (VIE) functionality?

  • A. Host Integrity Policy
  • B. Virus and Spyware Protection Policy
  • C. Exceptions Policy
  • D. Application and Device Control Policy


Answer : B

The LiveUpdate Download Schedule is set to the default on the Symantec Endpoint
Protection Manager (SEPM).
How many content revisions must the SEPM keep to ensure clients that check in to the
SEPM every 10 days receive xdelta content packages instead of full content packages?

  • A. 10
  • B. 20
  • C. 30
  • D. 60


Answer : C

Which setting can an administrator configure in the LiveUpdate Policy?

  • A. specific content revision to download from a Group Update Provider (GUP)
  • B. specific content policies to download
  • C. Linux Settings
  • D. frequency to download content


Answer : D

Which ports on the company firewall must an administrator open to avoid problems when connecting to Symantec Public LiveUpdate servers?

  • A. 25, 80, and 2967
  • B. 2967, 8014, and 8443
  • C. 21, 443, and 2967
  • D. 21, 80, and 443


Answer : D

An administrator needs to add an Application Exception. When the administrator accesses the Application Exception dialog window, applications fail to appear.
What is the likely problem?

  • A. The Learn applications that run on the client computers setting is disabled.
  • B. The client computers already have exclusions for the applications.
  • C. The Symantec Endpoint Protection Manager is installed on a Domain Controller.
  • D. The clients are in a trusted Symantec Endpoint Protection domain.


Answer : A

A company uses a remote administration tool that is detected and quarantined by
Symantec Endpoint Protection (SEP).
Which step can an administrator perform to continue using the remote administration tool without detection by SEP?

  • A. create a Tamper Protect exception for the tool
  • B. create an Application to Monitor exception for the tool
  • C. create a Known Risk exception for the tool
  • D. create a SONAR exception for the tool


Answer : C

Which command attempts to find the name of the drive in the private region and to match it to a disk media record that is missing a disk access record?

  • A. vxdisk
  • B. vxdctl
  • C. vxreattach
  • D. vxrecover


Answer : C

A company receives a high number of reports from users that files being downloaded from internal web servers are blocked. The Symantec Endpoint Protection administrator verifies that the Automatically trust any file downloaded from an intranet website option is enabled.
Which configuration can cause Insight to block the files being downloaded from the internal web servers?

  • A. Intrusion Prevention is disabled.
  • B. Local intranet zone is configured incorrectly on the Windows clients browser settings.
  • C. Local intranet zone is configured incorrectly on the Mac clients browser settings.
  • D. Virus and Spyware Definitions are out of date.


Answer : B

Page:    1 / 8   
Exam contains 119 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.