Users report abnormal behavior on systems where Symantec Endpoint Protection is installed.

Which tool can an administrator run on the problematic systems to identify the likely cause of the abnormal behavior?

A. smc.exe -stop

B. SymHelp.exe

C. PowerShell.exe

D. CleanWipe.exe

Which Symantec Endpoint Protection component enables access to data through ad-hoc reports and charts with pivot tables?

A. Symantec Protection Center

B. Shared Insight Cache Server

C. Symantec Endpoint Protection Manager

D. IT Analytics

What are two criteria that Symantec Insight uses to evaluate binary executables? (Select two.)

A. sensitivity

B. prevalence

C. confidentiality

D. content

E. age

Which two criteria can an administrator use to determine hosts in a host group? (Select two.)

A. Subnet

B. Network Services

C. Application Protocol

D. DNS Domain

E. Network Adapters

What is an appropriate use of a file fingerprint list?

A. allow unknown files to be downloaded with Insight

B. prevent programs from running

C. prevent AntiVirus from scanning a file

D. allow files to bypass Intrusion Prevention detection

Which Symantec Endpoint Protection defense mechanism provides protection against threats that propagate from system to system through the use of autorun.inf files?

A. Application and Device Control

B. SONAR

C. TruScan

D. Host Integrity

Which protection engine should be enabled to drop malicious vulnerability scans against a client system?

A. SONAR

B. Intrusion Prevention

C. Tamper Protection

D. Application and Device Control

An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs.

Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)

A. Risk Tracer

B. Terminate Processes Automatically

C. Early Launch Anti-Malware Driver

D. Stop Service Automatically

E. Stop and Reload AutoProtect

An administrator is troubleshooting a Symantec Endpoint Protection (SEP) replication.

Which component log should the administrator check to determine whether the communication between the two sites is working correctly?

A. Apache Web Server

B. Tomcat

C. SQL Server

D. Group Update Provider (GUP)

An administrator reports that the Home, Monitors, and Report pages are absent in the Symantec Endpoint Protection Management console when the administrator logs on.

Which action should the administrator perform to correct the problem?

A. configure proxy settings for each server in the site

B. configure External Logging to Enable Transmission of Logs to a Syslog Server

C. grant the Administrator Full Access to Root group of the organization

D. grant View Reports permission to the administrator