A Symantec Endpoint Protection administrator needs to prevent users from modifying files in a specific program folder that is on all client machines.
What does the administrator need to configure?
Answer : B
A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.
What is the likely cause of the problem?
Answer : A
Which two criteria can an administrator use to determine hosts in a host group? (Select two.)
Answer : A,D
What is an appropriate use of a file fingerprint list?
Answer : B
When can an administrator add a new replication partner?
Answer : C
An administrator is re-adding an existing Replication Partner to the local Symantec
Endpoint Protection Manager site.
Which two parameters are required to re-establish this replication partnership? (Select two.)
Answer : A,D
Which task is unavailable for administrative accounts that authenticate using RSA SecurID
Authentication?
Answer : A
Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)
Answer : B,C
A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup.
In which file should the SEP administrator add "scm.agent.groupcreation=true" to enable the automatic creation of client groups?
Answer : B
Catastrophic hardware failure has occurred on a single Symantec Endpoint Protection
Manager (SEPM) in an environment with two SEPMs.
What is the quickest way an administrator can restore the environment to its original state?
Answer : B
The Security Status on the console home page is failing to alert a Symantec Endpoint
Protection (SEP) administrator when virus definitions are out of date.
How should the SEP administrator enable the Security Status alert?
Answer : A
A large-scale virus attack is occurring and a notification condition is configured to send an email whenever viruses infect five computers on the network. A Symantec Endpoint
Protection administrator has set a one hour damper period for that notification condition.
How many notifications does the administrator receive after 30 computers are infected in two hours?
Answer : B
Administrators at a company share a single terminal for configuring Symantec Endpoint
Protection. The administrators want to ensure that each administrator using the console is forced to authenticate using their individual credentials. They are concerned that administrators may forget to log off the terminal, which would easily allow others to gain access to the Symantec Endpoint Protection Manager (SEPM) console.
Which setting should the administrator disable to minimize the risk of non-authorized users logging into the SEPM console?
Answer : A
After several failed logon attempts, the Symantec Endpoint Protection Manager (SEPM) has locked the default admin account. An administrator needs to make system changes as soon as possible to address an outbreak, but the admin account is the only account.
Which action should the administrator take to correct the problem with minimal impact to the existing environment?
Answer : A
An administrator uses ClientSideClonePrepTool to clone systems and virtual machine deployment.
What will the tool do when it is run on each system?
Answer : D