Testking offers free demo for 250-315 exam. "Administration of Symantec Endpoint Protection 12.1", also known as 250-315 exam, is a Symantec Certification. This set of posts, Passing the Symantec 250-315 exam, will help you answer those questions. The 250-315 Questions & Answers covers all the knowledge points of the real exam. 100% real Symantec 250-315 exams and revised by experts!
Q37. A company needs to configure an Application and Device Control policy to block read/write access to all USB removable media on its Symantec Endpoint Protection (SEP) systems.
Which tool should an administrator use to format the GUID and device IDs as required by SEP?
A. CheckSum.exe
B. DeviceTree.exe
C. TaskMgr.exe
D. DevViewer.exe
Answer: D
Q38. Refer to the exhibit.
Which settings can impact the Files trusted count?
A. SONAR settings in the Virus and Spyware Protection policy
B. System Lockdown Whitelist in the Application and Device Control policy
C. Insight settings in the Virus and Spyware Protection policy
D. File Cache settings in the Virus and Spyware Protection policy
Answer: C
Q39. Which tool should an administrator use to discover and deploy the Symantec Endpoint Protection client to new computers?
A. Unmanaged Detector
B. Client Deployment Wizard
C. Communication Update Package Deployment
D. Symantec Endpoint Discovery Tool
Answer: B
Q40. Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?
A. Download randomization
B. Heartbeat interval
C. LiveUpdate scheduling frequency
D. Reconnection preferences
Answer: D
Q41. What is the file scan workflow order when Shared Insight Cache and reputation are
enabled?
A. Symantec Insight > Shared Insight Cache server > local client Insight cache
B. Local client Insight cache > Shared Insight Cache server > Symantec Insight
C. Shared Insight Cache server > local client Insight cache > Symantec Insight
D. Local client Insight cache > Symantec Insight > Shared Insight Cache server
Answer: B
Q42. A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list.
Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?
A. The client chooses another server in the list randomly.
B. The client chooses a server based on the lowest server load.
C. The client chooses a server with the next highest IP address.
D. The client chooses the next server alphabetically by server name.
Answer: A
Q43. A financial company enforces a security policy that prevents banking system workstations from connecting to the Internet.
Which Symantec Endpoint Protection technology is ineffective on this company's workstations?
A. Insight
B. Intrusion Prevention
C. Network Threat Protection
D. Browser Intrusion Prevention
Answer: A
Q44. An administrator is unable to delete a location.
What is the likely cause?
A. The location currently contains clients.
B. Criteria is defined within the location.
C. The administrator has client control enabled.
D. The location is currently assigned as the default location.
Answer: D
Q45. Which two are policy types within the Symantec Endpoint Protection Manager? (Select two.)
A. Exceptions
B. Host Protection
C. Shared Insight
D. Intrusion Prevention
E. Process Control
Answer: A,D
Q46. A managed service provider (MSP) is managing Symantec Endpoint Protection for a number of independent companies. Each company has administrators who will log in from time to time to add new clients. Administrators must be prevented from seeing the existence of other companies in the console. What should an administrator create for each independent company?
A. Domain
B. Location
C. Group
D. Site
Answer: A
Q47. An administrator uses ClientSideClonePrepTool to clone systems and virtual machine
deployment.
What will the tool do when it is run on each system?
A. Run Microsoft SysPrep and removes all AntiVirus/AntiSpyware definitions
B. Disable Tamper Protect and deploys a Sylink.xml
C. Add a new Extended File Attribute value to all existing files
D. Remove unique Hardware IDs and GUIDs from the system
Answer: D
Q48. Refer to the exhibit.
A manufacturing company runs three shifts at their Bristol Sales office. These employees currently share desktops in the B_Desktops group. The administrators need to apply different policies/configurations for each shift.
Which step should the administrator take in order to implement shift policies after switching the clients to user mode?
A. create three shift policies for the Bristol group
B. create a group for each shift of users in the Bristol group
C. turn on inheritance for all groups in England
D. turn on Active Directory integration
E. modify the B_Desktops policy
Answer: B
Q49. Refer to the exhibit.
An administrator uses the search criteria displayed in the exhibit.
Which results are returned from the query?
A. all Windows 2012 Servers in the Default Group
B. only VMware Servers in the Default Group
C. all Windows 2012 Servers and all Virtualized Servers in the Default Group
D. only Windows 2012 Servers that are Virtualized in the Default Group
Answer: D
Q50. Which feature reduces the impact of Auto-Protect on a virtual client guest operating system?
A. Network Shared Insight Cache
B. Virtual Image Exception
C. Scan Randomization
D. Virtual Shared Insight Cache
Answer: B
Q51. Which protection technology can detect botnet command and control traffic generated on the Symantec Endpoint Protection client machine?
A. Insight
B. SONAR
C. Risk Tracer
D. Intrusion Prevention
Answer: D
Q52. What is a supported migration path for Symantec Endpoint Protection?
A. Symantec Endpoint Protection Enterprise Edition 12.1 > Symantec Endpoint Protection Small Business Edition 12.1
B. Symantec Endpoint Protection Small Business Edition 12.1 > Symantec Endpoint Protection Enterprise Edition 12.1
C. Symantec Endpoint Protection 12.1 Enterprise Edition > Symantec Endpoint Protection
11.x Enterprise Edition
D. Symantec Endpoint Protection Small Business Edition 12.1 > Symantec Endpoint Protection 11.x Small Business Edition
Answer: D
Q53. An administrator plans to implement a multi-site Symantec Endpoint Protection (SEP) deployment. The administrator needs to determine whether replication is viable without needing to make network firewall changes or change defaults in SEP.
Which port should the administrator verify is open on the path of communication between the two proposed sites?
A. 1433
B. 2967
C. 8014
D. 8443
Answer: D
Q54. Which task is unavailable for administrative accounts that authenticate using RSA SecurID Authentication?
A. reset forgotten passwords
B. import organizational units (OU) from Active Directory
C. configure external logging
D. enable Session Based Authentication with Web Services
Answer: A