A company deploys Symantec Endpoint Protection client to its sales staff who travel across the country.
Which deployment method should the company use to notify its sales staff to install the client?
A. Push mode
B. Client Deployment Wizard
C. Pull mode
D. Unmanaged Detector
A user is unknowingly about to connect to a malicious website and download a known threat within a .rar file.All Symantec Endpoint Protection technologies are installed on the client’s system.
In which feature set order must the threat pass through to successfully infect the system?
A. Download Insight, Firewall, IPS
B. Firewall, IPS, Download Insight
C. IPS, Firewall, Download Insight
D. Download Insight, IPS, Firewall
Which two Symantec Endpoint Protection components are used to distribute content updates? (Select two.)
A. Group Update Provider (GUP)
B. Shared Insight Cache Server
C. Symantec Protection Center
D. Symantec Endpoint Protection Manager
E. Symantec Insight Database
A Symantec Endpoint Protection administrator is using System Lockdown in blacklist mode with a file fingerprint list. When testing a client, the administrator notices that at least one of the files on the list is allowed to execute.
What is the likely cause of the problem?
A. The application has been upgraded.
B. The Application and Device Control policy is in test mode.
C. A file exception has been added to the Exceptions policy.
D. The Application and Device Control policy is allowing the file to execute.
A Symantec Endpoint Protection (SEP) client uses a management server list with three management servers in the priority 1 list.
Which mechanism does the SEP client use to select an alternate management server if the currently selected management server is unavailable?
A. The client chooses another server in the list randomly.
B. The client chooses a server based on the lowest server load.
C. The client chooses a server with the next highest IP address.
D. The client chooses the next server alphabetically by server name.
Which two considerations must an administrator make when enabling Application Learning in an environment? (Select two.)
A. Application Learning can generate increased false positives.
B. Application Learning should be deployed on a small group of systems in the enterprise.
C. Application Learning can generate significant CPU or memory use on a Symantec Endpoint Protection Manager.
D. Application Learning requires a file fingerprint list to be created in advance.
E. Application Learning is dependent on Insight.
A system running Symantec Endpoint Protection is assigned to a group with client user interface control settings set to mixed mode with Auto-Protect options set to Client. The user on the system is unable to turn off Auto-Protect.
What is the likely cause of this problem?
A. Tamper protection is enabled.
B. System Lockdown is enabled.
C. Application and Device Control is configured.
D. The padlock on the enable Auto-Protect option is locked.
A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup.
In which file should the SEP administrator add "scm.agent.groupcreation=true" to enable the automatic creation of client groups?
An administrator is designing a new single site Symantec Endpoint Protection environment. Due to perimeter firewall bandwidth restrictions, the design needs to minimize the amount of traffic from content passing through the firewall.
Which source must the administrator avoid using?
A. Symantec Endpoint Protection Manager
B. LiveUpdate Administrator (LUA)
C. Group Update Provider (GUP)
D. Shared Insight Cache (SIC)