Which step is unnecessary when an administrator creates an application rule set?
A. define a provider
B. select a process to apply
C. select a process to exclude
D. define rule order
A company allows users to create firewall rules. During the course of business, users are accidentally adding rules that block a custom internal application.
Which steps should the Symantec Endpoint Protection administrator take to prevent users from blocking the custom application?
A. create an Allow Firewall rule for the application and place it at the bottom of the firewall rules below the blue line
B. create an Allow Firewall rule for the application and place it at the bottom of the firewall rules above the blue line
C. create an Allow All Firewall rule for the fingerprint of the file and place it at the bottom of the firewall rules above the blue line
D. create an Allow for the network adapter type used by the application and place it at the top of the firewall rules below the blue line
An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs.
Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)
A. Risk Tracer
B. Terminate Processes Automatically
C. Early Launch Anti-Malware Driver
D. Stop Service Automatically
E. Stop and Reload AutoProtect
An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems applies the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled on the client system.
Which action should the administrator take to ensure that the desired setting is in place on the client?
A. Restart the client system
B. Run a command on the computer to Update Content
C. Enable the padlock next to the setting in the policy
D. Withdraw the Virus and Spyware Protection policy
You have executed the vxdg -g diskgroup adddisk disk_name= command. Which switch needs to be added to force VxVM to take the disk media name of the failed disk and assign it to the new replacement disk?
A. -force
B. -k
C. -f
D. -assign
Refer to the exhibit.
Which settings can impact the Files trusted count?
A. SONAR settings in the Virus and Spyware Protection policy
B. System Lockdown Whitelist in the Application and Device Control policy
C. Insight settings in the Virus and Spyware Protection policy
D. File Cache settings in the Virus and Spyware Protection policy
What does SONAR use to reduce false positives?
A. Virus and Spyware definitions
B. File Fingerprint list
C. Symantec Insight
D. Extended File Attributes (EFA) table
Which action does SONAR take before convicting a process?
A. quarantines the process
B. blocks suspicious behavior
C. reboots the system
D. checks the reputation of the process
An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat.
Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?
A. Risk log
B. Computer Status report
C. Notifications
D. Infected and At Risk Computers report
Which two instances could cause Symantec Endpoint Protection to be unable to remediate a file? (Select two.)
A. Another scan is in progress.
B. The detected file is in use.
C. There are insufficient file permissions.
D. The file is marked for deletion by Windows on reboot.
E. The file has good reputation.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-315 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.