250-428 Exam Details

  • Exam Code
    :250-428
  • Exam Name
    :Administration of Symantec Endpoint Protection 14
  • Certification
    :Symantec Certifications
  • Vendor
    :Symantec
  • Total Questions
    :165 Q&As
  • Last Updated
    :Jul 15, 2026

Symantec 250-428 Online Questions & Answers

  • Question 31:

    An administrator uses ClientSideClonePrepTool to clone systems and virtual machine deployment. What will the tool do when it is run on each system?

    A. Run Microsoft SysPrep and removes all AntiVirus/AntiSpyware definitions
    B. Disable Tamper Protect and deploys a Sylink.xml
    C. Add a new Extended File Attribute value to all existing files
    D. Remove unique Hardware IDs and GUIDs from the system

  • Question 32:

    An administrator notices that some entries list that the Risk was partially removed. The administrator needs to determine whether additional steps are necessary to remediate the threat.

    Where in the Symantec Endpoint Protection Manager console can the administrator find additional information on the risk?

    A. Risk log
    B. Computer Status report
    C. Notifications
    D. Infected and At Risk Computers report

  • Question 33:

    An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems applies the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto-Protect is still enabled on the client system.

    Which action should the administrator take to ensure that the desired setting is in place on the client?

    A. Restart the client system
    B. Run a command on the computer to Update Content
    C. Enable the padlock next to the setting in the policy
    D. Withdraw the Virus and Spyware Protection policy

  • Question 34:

    A Symantec Endpoint Protection administrator needs to comply with a service level agreement stipulating that all definitions must be internally quality assurance tested before being deployed to customers. Which step should the administrator take?

    A. install a LiveUpdate Administrator Server
    B. install a Shared Insight Cache Server
    C. install a Group Update Provider (GUP) to the existing site
    D. install a Symantec Protection Center

  • Question 35:

    What options should an administrator uncheck in the database properties if you perform database maintenance in SQL Management Studio?

    A. Uncheck "Truncate the database transaction logs" and "Rebuild Indexes" in the General tab of the Database Properties
    B. Uncheck "Truncate the database transaction logs" and "Rebuild Indexes" in the General tab of the Administrator Properties
    C. Uncheck "Truncate the database transaction logs" and "Rebuild Indexes" in the General tab of the Site Properties
    D. Uncheck "Truncate the database transaction logs" and "Rebuild Indexes" in the General tab of the Server Properties

  • Question 36:

    A company receives a high number of reports from users that files being downloaded from internal web servers are blocked. The Symantec Endpoint Protection administrator verifies that the Automatically trust any file downloaded from an intranet website option is enabled.

    Which configuration can cause Insight to block the files being downloaded from the internal web servers?

    A. Intrusion Prevention is disabled.
    B. Local intranet zone is configured incorrectly on the Windows clients browser settings.
    C. Local intranet zone is configured incorrectly on the Mac clients browser settings.
    D. Virus and Spyware Definitions are out of date.

  • Question 37:

    An administrator is troubleshooting a Symantec Endpoint Protection (SEP) replication.

    Which component log should the administrator check to determine whether the communication between the two sites is working correctly?

    A. Apache Web Server
    B. Tomcat
    C. SQL Server
    D. Group Update Provider (GUP)

  • Question 38:

    An organization is troubleshooting a SONAR false positive and has created an exclusion for the in-house application generating the detection. How can the organization use Process Explorer to verify that the exclusion works?

    A. Use Process Explorer to see if secars.dll is still there. If secars.dll is still present in the application as an injected process, ensure the updated policy is applied to the group
    B. Use Process Explorer to see if UMEngx86.dll is still there. If UMEngx86.dll is still present in the application as an injected process, ensure the updated policy is applied to the group
    C. Use Process Explorer to see if IPSFFPI.dll is still there. If IPSFFPI.dll is still present in the application as an injected process, ensure the updated policy is applied to the group
    D. Use Process Explorer to see if sysfer.dll is still there. If sysfer.dll is still present in the application as an injected process, ensure the updated policy is applied to the group

  • Question 39:

    An organization needs to be notified when certain types of events happen in their SEP environment.

    What notification type should the SEP Administrator create to see attacks and events that the firewall or Intrusion Protection System (IPS) detects?

    A. Create a Client Security Notification that filters by Traffic Events
    B. Create a Client Security Notification that filters by Compliance Events
    C. Create a Client Security Notification that filters by Network and Host Mitigation Events
    D. Create a Client Security Notification that filters by Packet Events

  • Question 40:

    Which task is unavailable for administrative accounts that authenticate using RSA SecurID Authentication?

    A. reset forgotten passwords
    B. import organizational units (OU) from Active Directory
    C. configure external logging
    D. enable Session Based Authentication with Web Services

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 250-428 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.