Sample Exam

Sample Exam 250-315: Administration of Symantec Endpoint Protection 12.1

Back to Exam Details Page

Exam Details

# of Questions: 75 - 85
Exam Duration: 105 minutes
Passing Score: 67%

Answer each question then check the correct answers provided at the bottom of the page.
1. Which protocol does an unmanaged detector use to identify systems on the network?What is a possible cause of this problem?
  • a. ICMP
  • b. TCP
  • c. ARP
  • d. UDP
2. An administrator has successfully installed Symantec Endpoint Protection Manager. Which component is deployed to the server at this point in time?
  • a. AntiVirus/AntiSpyware Protection
  • b. Shared Insight Cache
  • c. Apache Tomcat Server
  • d. Central Quarantine Server
  • e. Internet Information Services (IIS)
3. What is the first step an administrator must complete in order to integrate Active Directory with Symantec Endpoint Protection 12.1?
  • a. Import a Security Group or a Distribution Group.
  • b. Import an Organizational Unit (OU), User Object, or Computer Object.
  • c. Add the Active Directory server to the Symantec Endpoint Protection Site.
  • d. Add the Active Directory server to a Symantec Endpoint Protection Manager.
4. Which two methods can be used to identify the target machines to which the Symantec Endpoint Protection client can be installed when using the Client Deployment Wizard? (Select two.)
  • a. Browse through Windows networking.
  • b. Import a file containing IP addresses.
  • c. Specify a UNC path.
  • d. Import a file from the Unmanaged Detector.
  • e. Enable the ARP Discovery feature.
5. When Auto-Protect is enabled, protection is optional for which type of file access?
  • a. access
  • b. modify
  • c. backup
  • d. restore
6. What happens when you mark the "Enable NetBIOS Protection" checkbox?
  • a. verifies remote computer identity using WINS server lookup
  • b. blocks NetBIOS requests on all NetBIOS ports
  • c. permits NetBIOS connections from local subnet only
  • d. dynamically adds an allow rule for NetBIOS
7. What are two uses of Application Control? (Select two.)?
  • a. prevents applications from accessing the registry
  • b. prevents applications from creating files
  • c. prevents applications from accessing ports
  • d. prevents applications from replicating
  • e. prevents applications from accessing the network
8. Scheduled reports are delivered as which type?
  • a. HTML
  • b. XML
  • c. MHT
  • d. HTM
9. How does an administrator manage Client User Interface Control Settings?
  • a. by group
  • b. by location
  • c. by domain
  • d. by user
10. Which criteria is used to define a Tamper Protection exception?
  • a. file fingerprint
  • b. file name
  • c. MD5 hash
  • d. process owner
11. What should an administrator configure to prevent clients from receiving Proactive Threat Scan updates?
  • a. Virus and Spyware Protection policy
  • b. LiveUpdate policy
  • c. Intrusion Prevention policy
  • d. LiveUpdate Content policy
12. A company recently installed a proxy server and configured firewall rules to allow only HTTP traffic through the perimeter firewall. Since the change, Symantec Endpoint Protection 12.1 is unable to receive updates.
Which step must be taken on the Symantec Endpoint Protection Manager to receive updates?
  • a. Configure proxy settings within Internet Explorer under Internet Options.
  • b. Configure proxy settings under Server Properties.
  • c. Configure proxy settings within the External Communication Settings.
  • d. Configure proxy settings in the LiveUpdate policy.
13. An administrator plans to make a duplicate of an existing policy and modify it for use on a test client in the Symantec Endpoint Protection Manager (SEPM).
What is the quickest and simplest way to duplicate the existing policy?
  • a. Copy and paste the policy's XML file on the SEPM and log back in to the console.
  • b. Copy and paste the policy's XML file on the SEPM and restart the SEPM services.
  • c. In the SEPM console's Policy page, copy the policy, and then paste the policy.
  • d. Add a new client with inheritance turned off, then modify the policy.
14. Which utility should be protected to prevent unauthorized access to the Symantec Endpoint Protection Manager in a production environment?
  • a. resetpass.bat
  • b. sylinkdrop.exe
  • c. scm.bat
  • d. httpd.exe
15. According to Symantec recommendations, a Symantec Endpoint Protection Manager should have how many replication partners?
  • a. no more than 2
  • b. no more than 5
  • c. no more than 15
  • d. no more than 25
16. In addition to a file's reputation, which two are used to block files using Download Insight? (Select two.)?
  • a. the age of the file
  • b. the website the file was downloaded from
  • c. the protocol the file was downloaded with
  • d. the number of other Symantec users with the same file
  • e. a list of Internet domains
17. In which two sets of circumstances would it be beneficial to exclude a host within an IPS policy? (Select two.)?
  • a. A company needs to set up custom intrusion prevent signatures in the IPS policy.
  • b. to allow a vulnerability scanner on the network to ensure compliance with service agreements
  • c. A company may have computers on an internal network that need to be set up for testing purposes.
  • d. to log the activity of a particular machine for auditing
  • e. to create an exception that will exclude particular IPS signatures
18. A company requires that sales representatives' laptops be managed even when they are out of the office.
Which set up will ensure the most continuous management?
  • a. Create a remote location using location awareness.
  • b. Place the Symantec Endpoint Protection Manager in the DMZ.
  • c. Install an internal LiveUpdate server in the DMZ.
  • d. Install Symantec Protection Center in the DM."
19. Which is the most appropriate performance use case for searching clients by virtual platform version in the Symantec Endpoint Protection Manager's client view?
  • a. Moving clients to a group where Shared Insight Cache is enabled.
  • b. Moving clients to a location where SONAR features are disabled.
  • c. Moving clients to a group with disabled scheduled scans.
  • d. Moving clients to a location with Download Insight enabled.
20. What has the greatest impact on the size of the Symantec Endpoint Protection Manager database?
  • a. number of content revisions
  • b. number of log entries
  • c. number of users
  • d. number of backups to keep
Answers: 1-c, 2-c, 3-d, 4-a&b, 5-c, 6-c, 7-a&b, 8-c, 9-b, 10-b, 11-d, 12-b, 13-c, 14-a, 15-b, 16-a&d, 17-b&c, 18-b, 19-a, 20-b

Contact the Symantec Certification Team

Can't find what you're looking for? If you have questions or need further assistance, send an email to