What does SONAR use to reduce false positives?
A. Symantec Insight
B. Extended File Attributes (EFA) table
C. Virus and Spyware definitions
D. File Fingerprint list
Correct answer: A
Question 2:
An exception needs to be created for a file named "RunMe.exe" in a user's Windows 7 "My Documents" folder. The user's login name is Bob.
Which method should be used?
A. create a file exception for "*\RunMe.exe"
B. create a file exception for "[Drive]:\Users\Bob\My Documents\RunMe.exe"
C. create a file exception for "RunMe.exe" with a Prefix Variable of [USERNAME]
D. create a file exception for "RunMe.exe" with a Prefix Variable of %USERPROFILE%
Correct answer: B
Question 3:
An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs.
Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)
A. Terminate Processes Automatically
B. Stop Service Automatically
C. Risk Tracer
D. Early Launch Anti-Malware Driver
E. Stop and Reload AutoProtect
Correct answer: A, B
Question 4:
A Symantec Endpoint Protection (SEP) administrator creates a firewall policy to block FTP traffic and assigns the policy to all of the SEP clients. The network monitoring team informs the administrator that a client system is making an FTP connection to a server. While investigating the problem from the SEP client GUI, the administrator notices that there are zero entries pertaining to FTP traffic in the SEP Traffic log or Packet log. While viewing the Network Activity dialog, there is zero inbound/outbound traffic for the FTP process.
What is the most likely reason?
A. The block rule is below the blue line.
B. The server is in the IPS policy excluded hosts list.
C. Peer-to-peer authentication is allowing the traffic.
D. The server has an IPS exception for that traffic.
Correct answer: B
Question 5:
An administrator is responsible for the Symantec Endpoint Protection architecture of a large, multi-national company with three regionalized data centers. The administrator needs to collect data from clients; however, the collected data must stay in the local regional data center. Communication between the regional data centers is allowed 20 hours a day.
How should the administrator architect this organization?
A. set up 3 locations
B. set up 3 groups
C. set up 3 domains
D. set up 3 sites
Correct answer: D
Question 6:
A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup.
In which file should the SEP administrator add "scm.agent.groupcreation=true" to enable the automatic creation of client groups?
A. settings.conf
B. catalina.out
C. conf.properties
D. httpd.conf
Correct answer: C
Question 7:
Which Symantec Endpoint Protection Management (SEPM) database option is the default for deployments of fewer than 1,000 clients?
A. On SEPM: Installing Microsoft SQL on the same server as the SEPM
B. Embedded: Using the Sybase SQL Anywhere database that comes with the product
C. Embedded: Using the Microsoft SQL database that comes with the product
D. External to SEPM: Using a preexisting Microsoft SQL server in the environment
Correct answer: B
Question 8:
A large software company runs a small engineering department that is remotely located over a slow WAN connection.
Which option should the company use to install an exported Symantec Endpoint Protection (SEP) package to the remote site using the smallest amount of network bandwidth?
A. a SEP package using the Install Packages tab
B. a SEP package using a policy defined Multiple Group Update Provider (GUP) list
C. a SEP package using Basic content
D. a SEP package using a policy defined Single Group Update Provider (GUP)
Correct answer: C
仲*爱 -
To pass the 250-315 exam in a short time, you have to buy the 250-315 question set. The 250-315 question set is a wonderful product!