[Free] Download New Latest (January 2016) Symantec 250-315 Real Exam 71-80

Ensurepass

QUESTION 71

A large-scale virus attack is occurring and a notification condition is configured to send an email whenever viruses infect five computers on the network. A Symantec Endpoint Protection administrator has set a one hour damper period for that notification condition. How many notifications does the administrator receive after 30 computers are infected in two hours?

A. 1
B. 2
C. 6
D. 15

Correct Answer: B

QUESTION 72

Which command attempts to find the name of the drive in the private region and to match it to a disk media record that is missing a disk access record?

A. vxdisk
B. vxdctl
C. vxreattach
D. vxrecover

Correct Answer: C

QUESTION 73

Which action does SONAR take before convicting a process?

A. quarantines the process
B. blocks suspicious behavior
C. reboots the system
D. checks the reputation of the process

Correct Answer: D

QUESTION 74

A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute. What is the likely cause of the problem?

A. The application has been upgraded.
B. The Application and Device Control policy is in test mode.
C. A file exception has been added to the Exceptions policy.
D. The Application and Device Control policy is allowing the file to execute.

Correct Answer: A

QUESTION 75

Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)

A. Application Learning can generate increased false positives.
B. Application Learning should be deployed on a small group of systems in the enterprise.
C. Application Learning can generate significant CPU or memory use on a Symantec Endpoint Protection Manager.
D. Application Learning requires a file fingerprint list to be created in advance.
E. Application Learning is dependent on Insight.

Correct Answer: BC

QUESTION 76

What does SONAR use to reduce false positives?

A. Virus and Spyware definitions
B. File Fingerprint list
C. Symantec Insight
D. Extended File Attributes (EFA) table

Correct Answer: C

QUESTION 77

Which two criteria should an administrator use when defining Location Awareness for the Symantec Endpoint Protection (SEP) client? (Select two.)

A. NIC description
B. SEP domain
C. geographic location
D. WINS server
E. Network Speed

Correct Answer: AD

QUESTION 78

Which action must a Symantec Endpoint Protection administrator take before creating custom Intrusion Prevention signatures?

A. change the custom signature order
B. create a Custom Intrusion Prevention Signature library
C. define signature variables
D. enable signature logging

Correct Answer: B

QUESTION 79

An administrator is designing a new single site Symantec Endpoint Protection environment. Due to perimeter firewall bandwidth restrictions, the design needs to minimize the amount of traffic from content passing through the firewall. Which source must the administrator avoid using?

A. Symantec Endpoint Protection Manager
B. LiveUpdate Administrator (LUA)
C. Group Update Provider (GUP)
D. Shared Insight Cache (SIC)

Correct Answer: B

QUESTION 80

After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked the default admin account. An administrator needs to make system changes as soon as possible to address an outbreak, but the admin account is the only account. Which action should the administrator take to correct the problem with minimal impact to the existing environment?

A. wait 15 minutes and attempt to log on again
B. restore the SEPM from a backup
C. run the Management Server and Configuration Wizard to reconfigure the server
D. reinstall the SEPM

Correct Answer: A
