250-315 Online Practice Questions and Answers

An administrator is responsible for the Symantec Endpoint Protection architecture of a large, multi-national company with three regionalized data centers. The administrator needs to collect data from clients; however, the collected data must stay in the local regional data center. Communication between the regional data centers is allowed 20 hours a day.

How should the administrator architect this organization?

A. set up 3 domains

B. set up 3 sites

C. set up 3 locations

D. set up 3 groups

A Symantec Endpoint Protection administrator needs to comply with a service level agreement stipulating that all definitions must be internally quality assurance tested before being deployed to customers.

Which step should the administrator take?

A. install a LiveUpdate Administrator Server

B. install a Shared Insight Cache Server

C. install a Group Update Provider (GUP) to the existing site

D. install a Symantec Protection Center

Which setting can an administrator change that will result in the greatest impact on the speed of delivery of Symantec Endpoint Protection policy changes to the endpoints?

A. Download randomization

B. Heartbeat interval

C. LiveUpdate scheduling frequency

D. Reconnection preferences

Which action does the Shared Insight Cache (SIC) server take when the whitelist reaches maximum capacity?

A. The SIC server allocates additional memory for the whitelist as needed.

B. The SIC server will start writing the cache to disk.

C. The SIC server will remove the least recently used items based on the prune size.

D. The SIC server will remove items with the fewest number of votes.

Which command attempts to find the name of the drive in the private region and to match it to a disk media record that is missing a disk access record?

A. vxdisk

B. vxdctl

C. vxreattach

D. vxrecover

An administrator configures the scan duration for a scheduled scan. The scan fails to complete in the specified time period.

When will the next scheduled scan occur on the computer?

A. when the computer reboots

B. when the user restarts the scan

C. at the next scheduled scan period

D. within the next hour

What is an appropriate use of a file fingerprint list?

A. allow unknown files to be downloaded with Insight

B. prevent programs from running

C. prevent AntiVirus from scanning a file

D. allow files to bypass Intrusion Prevention detection

What is a function of Symantec Insight?

A. provides reputation ratings for structured data

B. enhances the capability of Group Update Providers (GUP)

C. increases the efficiency and effectiveness of LiveUpdate

D. provides reputation ratings for binary executables

What is a function of the Symantec Endpoint Protection client?

A. uploads logs to the Shared Insight Cache

B. sends and receives application reputation ratings from LiveUpdate

C. downloads virus content updates from Symantec Insight

D. provides a Lotus Notes email scanner

Which action does SONAR take before convicting a process?

A. quarantines the process

B. blocks suspicious behavior

C. reboots the system

D. checks the reputation of the process