Exam 250-428: Administration of Symantec Endpoint Protection 14 Practice Exam
The Symantec Endpoint Protection 14 (SEP 14) certification exam (250-428) validates your skills in administering and configuring Symantec's endpoint security solution. By earning this certification, you demonstrate your ability to implement robust endpoint protection strategies and safeguard user devices (endpoints) within your network from cyber threats like viruses, malware, and unauthorized access.
Who Should Take This Exam?
This exam is ideal for IT professionals aspiring to:
- Become a Symantec Certified Specialist (SCS) in Endpoint Security, a recognized credential in the field.
- Enhance their career prospects by specializing in endpoint protection solutions, a critical area of information security.
- Take on network administrator roles with a focus on endpoint security, ensuring the protection of devices across the network.
Are There Prerequisites?
There are no mandatory prerequisites for taking the exam. However, to maximize your success, Symantec recommends:
- Hands-on experience working with Symantec Endpoint Protection 14 products in a production or lab environment (ideally 3-6 months). This experience will help you solidify your understanding of the product's functionalities.
- A foundational understanding of cybersecurity concepts and common threats. Familiarity with cybersecurity principles will provide a strong base for applying endpoint protection strategies.
Roles and Responsibilities
An IT professional with expertise in Symantec Endpoint Protection 14 typically fulfills the following roles and responsibilities:
- Planning and Deployment: This involves planning and deploying SEP 14 on endpoints across the network, ensuring comprehensive device protection.
- Configuration and Management: The specialist configures SEP 14 settings to define security policies, manage virus and spyware protection, and control application and device usage.
- Monitoring and Maintenance: Regular monitoring of endpoint security status, generating reports, and performing maintenance tasks like software updates are crucial responsibilities.
- Incident Response: In the event of a security breach or malware infection, the specialist isolates infected devices, implements remediation actions, and investigates security incidents.
- User Support: Providing technical support to users regarding endpoint security concerns and maintaining overall system health are ongoing responsibilities.
Exam Details
- Number of Questions: 65-75
- Exam Format: Multiple-choice
- Time Given: 90 minutes
- Passing score: 70%
- Exam Language: English
- Exam fee: $250
Course Structure
The important domains and topics that Exam 250-428: Administration of Symantec Endpoint Protection 14 covers are:
1. SECTION 1: Products and Concepts
- Common threats and security risks to the endpoint
- The Symantec Endpoint Protection components
- How policies and concepts relate to the Symantec Endpoint Protection architecture
- Proper placement for GUP, SEPM, and LUA for communication and content deployment
2. SECTION 2: Installation and Configuration
- Prepare, install, license and configure the Endpoint Protection management infrastructure
- Create groups and locations to effectively configure and manage clients
- Prepare and install the Symantec Endpoint Protection clients including creating client packages and choosing an appropriate deployment method
- Verify client connectivity and find clients in the console
- Configure communication, general, and security settings
- Configure Symantec Endpoint Protection 14 for a virtual environment
- LiveUpdate policies
- When and how to configure exceptions
3. SECTION 3: Configuring Virus and Spyware Protection
- How protection technologies interact and their dependencies
- Configure scheduled and on-demand scans
- Configure Auto-Protect for file systems/email clients
- Configure Insight and Download Insight
- Configure SONAR
- The remediation actions for infected files
4. SECTION 4: Define and Configure Firewall, Intrusion Prevention, and Application and Device Control
- How to configure the firewall policy
- Configure intrusion prevention policies
- Configure application and device control policies
- Customize firewall, intrusion prevention and application and device control policies
5. SECTION 5: Responding to Threats
- When to install additional Symantec Endpoint Protection Managers and sites
- Describe how to edit server and site properties
- The procedures for Symantec Endpoint Protection database management, backup, restore and Symantec Endpoint Protection disaster recovery
- Create, view and manage notifications
- Manage administrator accounts and delegation of roles
- How and when to use supplemental Symantec tools