Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Symantec 250-315 Exam -

Free 250-315 Sample Questions:

Q: 1
Which Symantec Endpoint Protection 12.1 protection technology provides the primary protection layers against zero-day network attacks?
B. Client Firewall
C. Intrusion Prevention
D. System Lockdown
Answer: C

Q: 2
According to Symantec, what is a botnet?
A. systems infected with the same virus strain
B. groups of systems performing remote tasks without the users' knowledge
C. groups of computers configured to steal credit card records
D. compromised systems opening communication to an IRC channel
Answer: B

Q: 3
A financial company has a security policy that prevents banking system workstations from connecting to the internet. Which Symantec Endpoint Protection 12.1 protection technology will be prevented from working on the company's workstations?
A. Insight
B. Application and Device Control
C. Network Threat Protection
D. LiveUpdate
Answer: A

Q: 4
In addition to performance improvements, which two benefits does Insight provide? (Select two.)
A. reputation scoring for documents
B. zero-day threat detection
C. protection against system file modifications
D. false positive mitigation
E. blocking of malicious websites
Answer: B,D

Q: 5
How does the Intrusion Prevention System add an additional layer of protection to Network Threat Protection?
A. It inspects the TCP packet headers and tracks the sequence number.
B. It performs deep packet inspection, reading the packet headers, and data portion.
C. It examines TCP/IP traffic from the application and traces the source of the traffic.
D. It monitors IP datagrams for abnormalities.
Answer: B

Q: 6
The fake antivirus family "PC scout" infects systems with a similar method regardless of its variant.
Which SONAR sub-feature can block new variants of the same family, based on sequence of events?
A. artificial intelligence
B. behavioral heuristic
C. human authored signatures
D. behavioral policy lockdown
Answer: C

Q: 7
Drive-by downloads are a common vector of infections. Some of these attacks use encryption to bypass traditional defense mechanisms. Which Symantec Endpoint Protection 12.1 protection technology blocks such obfuscated attacks?
B. Bloodhound heuristic virus detection
C. Client Firewall
D. Browser Intrusion Prevention
Answer: D

Q: 8
Which Symantec Endpoint Protection 12.1 defense mechanism provides protection against worms like W32.Silly.FDC, which propagate from system to system through the use of autorun.inf files?
A. Application Control
C. Client Firewall
D. Exceptions
Answer: A

Q: 9
A company is experiencing a malware outbreak. The company deploys Symantec Endpoint Protection 12.1, with only Virus and Spyware Protection, Application and Device Control, and Intrusion Prevention technologies. Why would Intrusion Prevention be unable to block all communications from an attacking host?
A. Intrusion Prevention needs the firewall component to block all traffic from the attacking host.
B. Intrusion Prevention blocks the attack only if the administrator wrote a signature for it.
C. Intrusion Prevention definitions are out-of-date.
D. Intrusion Prevention is set to log only.
Answer: A

Q: 10
Which Symantec Endpoint Protection 12.1 component uses reputation to evaluate a file?
A. Shared Insight Cache server
B. Symantec Endpoint Protection client
C. Symantec Endpoint Protection Manager
D. LiveUpdate Administrator server
Answer: B

© 2014, All Rights Reserved