250-586 Free Sample Questions

A financial services company with 15,000 endpoints is designing a new Symantec Endpoint Security Complete (SESC) deployment. The company has a central data center and 50 branch offices with varying bandwidth. The primary goal is to minimize WAN traffic for definition updates while ensuring high availability for policy management. The design proposes two load-balanced Symantec Endpoint Protection Managers (SEPMs) in the data center and Group Update Providers (GUPs) in each branch. How should the SEPMs be configured for replication to meet these requirements?

During the assessment phase for an SES Complete implementation at a hospital, an administrator discovers that several critical medical imaging devices run on an unsupported legacy Windows XP Embedded OS. These devices cannot be upgraded but must be protected. Which SES Complete features should be prioritized in the solution design for these specific devices? (Select TWO)

An administrator is troubleshooting an issue where SES Complete clients in a specific remote office are not receiving policy updates from the central SEPM. All other offices are functioning correctly. The remote office clients can successfully ping the SEPM server by its IP address. What is the most likely cause of this issue?

True or False: When configuring a System Lockdown policy in 'blacklist' mode, the policy will block only the applications explicitly listed, and all other unlisted applications will be allowed to run.

A university is implementing SES Complete across its campus, which includes administrative offices, student labs, and faculty research departments. The security team wants to apply a baseline security policy to all computers but allow specific departments, like computer science, to have more lenient script control settings for academic purposes, without duplicating the entire baseline policy. What is the most efficient method to achieve this in SEPM?

An administrator needs to deploy the SES Complete agent to 500 new workstations that have just been imaged and are not yet in Active Directory. The administrator wants to automate the process and ensure the clients are placed in the correct 'New Deployments' group in SEPM upon installation. Which deployment method is best suited for this scenario?

What is the primary function of the Integrated Cyber Defense Manager (ICDm) in a hybrid SES Complete environment?

A company has configured SES Complete with a Data Loss Prevention (DLP) policy to block the transfer of files containing credit card numbers to USB drives. A user reports that they are still able to copy a sensitive file to a USB drive without it being blocked. A review of the SES client on the user's machine shows that all policies are up-to-date and the client is communicating with the SEPM. What is the most probable reason for the policy failure?

Case Study: Global Retail Inc. **Company Background:** Global Retail Inc. is a multinational corporation with 500 retail stores, three large distribution centers, and a corporate headquarters. Each retail store has 5-10 Point-of-Sale (POS) terminals running Windows 10 IoT Enterprise, a local server, and 2-3 staff workstations. Distribution centers operate 24/7 and use a mix of Windows Server 2019 and specialized logistics systems. Corporate headquarters houses 2,000 employees with standard Windows 11 desktops and laptops. **Current Situation:** The company is migrating from a competitor's legacy AV product to Symantec Endpoint Security Complete. The legacy AV has caused performance issues on the POS terminals, leading to transaction delays. The distribution centers have experienced downtime due to false positives quarantining critical logistics application files. Corporate users frequently travel and need consistent protection both on and off the corporate network. **Requirements:** 1. A centralized management solution with role-based access for regional IT teams. 2. Minimal performance impact on POS terminals and distribution center servers. 3. Strong protection against fileless malware and ransomware for corporate users. 4. An efficient content update strategy to minimize bandwidth consumption over the retail stores' business internet connections. 5. Ensure traveling corporate users receive the latest policies and protection updates promptly. **Problem:** You are the implementation specialist tasked with designing the SES Complete architecture and policy structure to meet all of Global Retail's requirements. Which design choice best addresses the unique needs of the POS terminals and distribution centers regarding performance and false positives?

When designing a Group Update Provider (GUP) strategy for an organization with many low-bandwidth remote sites, which GUP configuration setting is most critical to prevent a single GUP from becoming overloaded with requests from clients at other sites?