250-312 - Admin of Symantec Backup Exec 12 for Windows Servers

Go back to Symantec

Example Questions

How frequently does Symantec recommend that a Symantec Endpoint Protection Manager site check LiveUpdate for content updates? A company is transitioning from using policies based on the individual that logs in to the client machine to policies based only on the client machine. Which Symantec Endpoint Protection 12.1 change will the organization need to perform? A company is setting up a new environment with three Symantec Endpoint Protection Managers (SEPM) and wants to set one SEPM to act as the primary reporting server. Where in the SEPM should the administrator configure the priority reporting server to be used for running scheduled reports and notifications? A company is currently testing Symantec Endpoint Protection 12.1 on 100 clients. The company has decided to deploy SEP to an additional 20,000 clients. They are concerned about the number of clients supported on a single Symantec Endpoint Protection Manager (SEPM). What should the company do to ensure that the SEPM can support the clients? A company organizes its clients into two groups: the Symantec Endpoint Protection Manager (SEPM) group with all the SEPMs and a Desktops group with all other systems. An Application and Device Control policy is used with the "Block modifications to hosts file" rule set enabled. This policy is applied to all groups in the company. How can an administrator modify the hosts file on the SEPM systems, while minimizing risks posed to the company? An administrator makes a change in the Active Directory structure which has been imported into the Symantec Endpoint Protection Manager (SEPM). By default, when will the change automatically be reflected in the SEPM? Which two can be used when defining location switching criteria for the Symantec Endpoint Protection 12.1 client? (Select two.) Which component is required in order to run Symantec Endpoint Protection 12.1 protection technologies? A new installation of the Symantec Endpoint Protection 12.1 (SEP) is running on a trial license. For how long can managed SEP clients receive updates? An administrator defines the Active Directory settings in the Symantec Endpoint Protection Manager (SEPM). The administrator adds an account named Sep_SysAdmin in the SEPM. This account is configured to use Active Directory Authentication. Which two settings can the administrator configure for the Sep_SysAdmin account? (Select two.) A large set of static PDF files stored on a single virtual client system, which is running on an ESX server, need to be scanned daily by a scheduled scan. Which two features should be employed to minimize performance impact on the client during scanning of these files? (Select two.) Which Symantec Endpoint Protection 12.1 component improves performance because known good files are skipped? Immediately after installation, what does a managed client do to contact the Symantec Endpoint Protection Manager (SEPM)? Which authentication method must be used to provide the ability to reset forgotten passwords? Which notification action can be performed when a security-related condition is met? Which command line syntax invokes the Symantec Endpoint Protection Client Service to determine whether a more recent copy of the configuration file is available on the management server? A company is deploying Symantec Endpoint Protection 12.1 and configuring remediation options within the Virus and Spyware Protection policy. They are considering enabling "Terminate processes automatically" within the remediation options. If this feature is enabled, which two characteristics will the user see when the client must terminate a process to remove or repair a risk? (Select two.) Which Symantec Endpoint Protection 12.1 defense mechanism provides protection against worms like W32. Silly.FDC, which propagate from system to system through the use of autorun.inf files? Which two criteria can be used to determine hosts in a host group? (Select two.) Which Symantec Endpoint Protection 12.1 component provides services to improve the performance of virtual client scanning? For replication, Symantec recommends that the number of sites be kept to five for optimum performance. What can be done to reduce the number of sites? A company creates free web access computers for use in public areas, such as airports. The software provided on the computers will be static and the systems must be secure. What should be used to restrict unauthorized applications from running on these computers? All email Auto-Protect options are disabled, and an administrator receives an email from an associate with a . zip file attached. There are three files in the .zip file that are needed for the administrator's presentation the next day. What neither of them realize is that one of the files is infected with a virus. When will File System Auto-Protect detect this infected file? A Symantec Endpoint Protection Manager (SEPM) administrator is importing from an Active Directory environment. The administrator needs to know which object types are being imported. Which two object types are imported into the SEPM from Active Directory? (Select two.) An administrator is in the process of recovering from a disaster and needs the keystore password to update the certificate on the Symantec Endpoint Protection Manager (SEPM). From which two locations can the administrator obtain this information? (Select two.) What could be an adverse effect of activating aggressive mode on the SONAR policy? Which Intrusion Prevention feature is updated automatically? How can an administrator proactively obtain information about unknown devices on a network? A company suffered catastrophic hardware failure on the Symantec Endpoint Protection Manager (SEPM). The administrator restores the hardware and the operating system with the required software (including SEPM). The administrator then runs the SEPM Database Back Up and Restore utility. What is the most important consideration? Which two actions can a user take during an in-progress scheduled scan? (Select two.) A company is running the Symantec Endpoint Protection 12.1 firewall with the default policy. At the bottom of the ruleset, there is a rule called "Block all other IP traffic and log" which will block all IP traffic. A financial application is being blocked by this rule. What should be changed to allow the application without sacrificing security? A company is running the Symantec Endpoint Protection 12.1 firewall and wants to ensure that DNS traffic is allowed. Which feature should be enabled in the firewall policy? A Symantec Endpoint Protection 12.1 (SEP) administrator is remotely deploying SEP clients, but the clients are failing to install on Windows XP. Which two could be preventing installation? (Select two.) An administrator needs to ensure that a specific network threat can be detected. The attack signatures for this threat may be found across multiple packets. What can the administrator do to ensure the best chance of detecting this threat? A company selected Opera 10 as its corporate browser. Drive-by downloads are occurring and SONAR intercepts the resulting scripts. How should the company proceed to minimize the occurrence of drive-by downloads? Some customers report that when they run the command "smc -stop" on their clients, they are unable to connect to network resources. What is wrong? An administrator needs to exclude some servers from an Intrusion Prevention System (IPS) policy. When specifying an excluded host in an IPS policy, which two methods can be used? (Select two.) In Symantec Endpoint Protection 12.1 Enterprise Edition (SEP), what happens when the Soft Enforcement license expires? Which statement describes a difference between Virtual Image Exceptions (VIE) and Shared Insight Cache (SIC)? A Symantec Endpoint Protection 12.1 client is running a user-defined scan when a scheduled, administrator-defined scan is scheduled to launch. What is the effect on the client? Which two are optional when replicating between Symantec Endpoint Protection Managers? (Select two.) A large software company has a small engineering department that is remotely located over a slow WAN connection. Which method will deploy the Symantec Endpoint Protection 12.1 (SEP) clients to the remote site using the smallest amount of network bandwidth? An administrator gets a browser certificate warning when accessing the Symantec Endpoint Protection Manager (SEPM) Web console. Where can the administrator obtain a self-signed certificate to prevent this warning from appearing? Which Symantec Endpoint Protection client component must be installed to enable Unmanaged Detector mode? A company with one site has a factory with computers in the manufacturing area. Both factory managers and operators need to log in to these shared computers. Different policies will be applied depending on whether the individual logging in to the machine is a manager or an operator. Which Symantec Endpoint Protection 12.1 feature provides this ability? A company has three groups of clients: Laptops, Desktops, and Servers. Administrators must have the ability to perform manual scans for these clients from the Symantec Endpoint Protection Manager. In addition, the manual scans need to be customized according to the different clients, for example by customizing whether memory is scanned and which folder locations are scanned. How can the environment be configured to provide this ability while minimizing management overhead? Which port is used by default for replication between sites? A client is unable to communicate with the Symantec Endpoint Protection Manager (SEPM) Server. The administrator decides to replace the Sylink.xml file on the client using the SylinkDrop tool. Which two additional tasks can be accomplished by replacing the Sylink.xml file? (Select two.) Which step must be completed to set up two sites to replicate? In addition to performance improvements, which two benefits does Insight provide? (Select two.)