250-428 Exam Details

  • Exam Code
    :250-428
  • Exam Name
    :Administration of Symantec Endpoint Protection 14
  • Certification
    :Symantec Certifications
  • Vendor
    :Symantec
  • Total Questions
    :165 Q&As
  • Last Updated
    :Jul 15, 2026

Symantec 250-428 Online Questions & Answers

  • Question 21:

    An organization would like to control the policies that the client uses when connecting over VPN, but wants to use a different set of policies in the office. How should an administrator implement this?

    A. Create a Location called VPN and a Group called Office. Allow the client to switch to the VPN location when the user is working remote.
    B. Create a Group called VPN and a Location called Office. Allow the client to switch to the VPN location when the user is working remote.
    C. Create a Location called VPN and a Location called Office. Allow the client to switch to the VPN location when the user is working remote.
    D. Create a Group called VPN and a Group called Office. Move the client to the VPN group when the user is working remotely.

  • Question 22:

    An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs. Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)

    A. Risk Tracer
    B. Terminate Processes Automatically
    C. Early Launch Anti-Malware Driver
    D. Stop Service Automatically
    E. Stop and Reload AutoProtect

  • Question 23:

    An administrator configures the scan duration for a scheduled scan. The scan fails to complete in the specified time period. When will the next scheduled scan occur on the computer?

    A. when the computer reboots
    B. when the user restarts the scan
    C. at the next scheduled scan period
    D. within the next hour

  • Question 24:

    What is the difference between a Block versus a Terminate action, when creating an Application Control rule?

    A. A Block action prevents a child process from running. A Terminate action kills the application making the request or the caller process.
    B. A Block action excludes the child process from being scanned. A Terminate action prevents the process from running.
    C. A Block action places the process in Quarantine. A Terminate action kills the application making the request or the caller process.
    D. A Block action prevents the process to be left alone. A Terminate action prevents the process from running.

  • Question 25:

    Which feature reduces the impact of Auto-Protect on a virtual client guest operating system?

    A. Network Shared Insight Cache
    B. Virtual Image Exception
    C. Scan Randomization
    D. Virtual Shared Insight Cache

  • Question 26:

    A company allows users to create firewall rules. During the course of business, users are accidentally adding rules that block a custom internal application. Which steps should the Symantec Endpoint Protection administrator take to prevent users from blocking the custom application?

    A. Create an Allow All Firewall rule for the fingerprint of the file and place it at the bottom of the firewall rules above the blue line
    B. Create an Allow firewall rule for the application and place it at the bottom of the firewall rules below the blue line
    C. Create an Allow for the network adapter type used by the application and place it at the top of the firewall rules below the blue line.
    D. Create an Allow Firewall rule for the application and place it at the top of the firewall rules above the blue line.

  • Question 27:

    A company has a small number of systems in their Symantec Endpoint Protection Manager (SEPM) group with federal mandates that AntiVirus definitions undergo a two week testing period. After being loaded on the client, the tested virus definitions must remain unchanged on the client systems until the next set of virus definitions have completed testing. All other clients must remain operational on the most recent definition sets. An internal LiveUpdate Server has been considered as too expensive to be a solution for this company.

    What should be modified on the SEPM to meet this mandate?

    A. The LiveUpdate Settings policy for this group should be modified to use an Explicit Group Update Provider.
    B. The LiveUpdate Content policy for this group should be modified to use a specific definition revision.
    C. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 1.
    D. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 14.

  • Question 28:

    Which action can an administrator take to improve the Symantec Endpoint Protection Manager (SEPM) dashboard performance and report accuracy?

    A. Decreasing the number of content revisions to keep
    B. Lowering the client installation log entries
    C. Rebuilding database indexes
    D. Limiting the number of backups to keep

  • Question 29:

    Where does an administrator review logs, after enabling debug logging for client communication on a SEP for Mac client?

    A. /Library/Application Support/Symantec/SMC/log/syslog.log
    B. /Library/Application Support/Symantec/SMC/debug/als_debug.log
    C. /Library/Application Support/Symantec/SMC/debug/smc_debug.log
    D. /Library/Application Support/Symantec/SMC/log/sylink.log

  • Question 30:

    Where could a SEP Administrator specify a notice to display before logging onto the Symantec Endpoint Protection Manager?

    A. Add banner title and banner text under the Logon Banner
    B. Once a month
    C. Everyday
    D. Every two weeks

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-428 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.