Symantec 250-428 Administration of Symantec Endpoint Protection 14 Online Training
The questions for 250-428 were last updated on Apr 21, 2025.
- Exam Code: 250-428
- Exam Name: Administration of Symantec Endpoint Protection 14
- Certification Provider: Symantec
A Symantec Endpoint Protection Manager (SEPM) administrator notices performance issues with the SEPM server. The Client tab becomes unresponsive in the SEPM console and .DAT files accumulate in the “agentinfo” folder.
Which tool should the administrator use to gather log files to submit to Symantec Technical Support?
- A. collectLog.cmd
- B. LogExport.exe
- C. smc.exe
- D. ExportLog.vbs
Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)
- A. Application Learning should be deployed on a small group of systems in the enterprise.
- B. Application Learning can generate significant CPU or memory use on a Symantec Endpoint Protection Manager.
- C. Application Learning is dependent on Insight.
- D. Application Learning requires a file fingerprint list to be created in advance.
- E. Application Learning can generate increased false positives.
Which task should an administrator perform to troubleshoot operation of the Symantec Endpoint Protection embedded database?
- A. Verify the sqlserver.exe service is running on port 1433
- B. Verify that dbsrv11.exe is listening on port 2638
- C. Check the database transaction logs in X:\Program Files\Microsoft SQL server
- D. Check whether the MSSQLSERVER service is running
An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems apply the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct.
However, Auto-Protect is still enabled on the client system.
Which action should the administrator take to ensure that the desired setting is in place on the client?
- A. Restart the client system.
- B. Enable the padlock next to the setting in the policy.
- C. Run a command on the computer to Update Content
- D. Withdraw the Virus and Spyware Protection policy
What does SONAR use to reduce false positives?
- A. Virus and Spyware definitions
- B. Extended File Attributes (EFA) table
- C. File Fingerprint list
- D. Symantec Insight
Which option is a characteristic of a Symantec Endpoint Protection (SEP) domain?
- A. Every administrator from one domain can view data in other domains.
- B. Each domain has its own management server and database.
- C. Data for each domain is stored in its own separate SEP database.
- D. Domains share the same management server and database.
An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat.
Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?
- A. Infected and At Risk Computers report
- B. Risk log
- C. Notifications
- D. Computer Status report
An administrator reports that the Home, Monitors, and Report pages are absent in the Symantec Endpoint Protection Management console when the administrator logs on.
Which action should the administrator perform to correct the problem?
- A. Grant the Administrator Full Access to Root group of the organization
- B. Configure proxy settings for each server in the site
- C. Configure External Logging to Enable Transmission of Logs to a Syslog Server
- D. Grant View Reports permission to the administrator
An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs.
Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)
- A. Stop Service Automatically
- B. Stop and Reload AutoProtect
- C. Terminate Processes Automatically
- D. Risk Tracer
- E. Early Launch Anti-Malware Driver
A company deploys Symantec Endpoint Protection (SEP) to 50 virtual machines running on a single ESXi host.
Which configuration change can the administrator make to minimize sudden IOPS impact on the ESXi server while each SEP endpoint communicates with the Symantec Endpoint Protection Manager?
- A. Reduce number of content revisions to keep
- B. Increase download randomization window
- C. Reduce the heartbeat interval
- D. Increase Download Insight sensitivity level