Use this quick start guide to collect all the information about Broadcom Endpoint Protection Admin Technical Specialist (250-605) Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the 250-605 Symantec Endpoint Protection 14.x Admin R2 Technical Specialist exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual Broadcom Endpoint Protection Admin Technical Specialist certification exam.
The Broadcom Endpoint Protection Admin Technical Specialist certification is mainly targeted to those candidates who want to build their career in Endpoint Security domain. The Broadcom Symantec Endpoint Protection 14.x Admin R2 Technical Specialist exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of Broadcom Endpoint Protection Admin Technical Specialist.
Broadcom Endpoint Protection Admin Technical Specialist Exam Summary:
| Exam Name | Broadcom Symantec Endpoint Protection 14.x Admin R2 Technical Specialist |
| Exam Code | 250-605 |
| Exam Price | $250 (USD) |
| Duration | 90 mins |
| Number of Questions | 75 |
| Passing Score | 70% |
| Books / Training |
Symantec Endpoint Protection 14.x Administration Symantec Endpoint Detection and Response 4.x Planning, Implementation, and Administration |
| Schedule Exam | Broadcom |
| Sample Questions | Broadcom Endpoint Protection Admin Technical Specialist Sample Questions |
| Practice Exam | Broadcom 250-605 Certification Practice Exam |
Broadcom 250-605 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Managing Console Access and Delegating Authority |
- Describe Client-to-SEPM Communication - Understand Directory Server Authentication for an Administrator Account |
| Managing Client to Server Communication | - Describe Client-to-SEPM Communication |
| Managing Client Architecture and Active Directory Integration |
- Describe the Interaction Between Sites,Domains, and Groups - Understand Groups, Locations, and Policy Inheritance Management - Describe Importing Organizational Units from Active Directory |
| Managing Clients and Responding to Threats | - Understand the Clients View |
| Monitoring the Environment and Responding to Threats |
- Understand Critical Data Using the Summary Page - Describe New Incidents Using the Logs Page - Understand How Actions Sent to Clients Using the Command Status View are Monitored - Describe How to Configure Notifications |
| Creating Incident and Health Status Reports |
- Describe How to Monitor Critical Data Using the Reports Page - Describe How to Identify New Incidents Using Quick Reports and Filters - Describe how to Configure Scheduled Reports |
| Introducing Content Updates Using LiveUpdate |
- Describe the LiveUpdate Ecosystem - Describe How to Configure LiveUpdate - Understand the Need for an Internal LiveUpdate Administrator Server - Describe how to Configure an Internal LiveUpdate Administrator Server |
| Analyzing the SEPM Content Delivery System |
- Describe Content Updates - Describe how to Manage Content on the SEPM - Understand how to Monitor Content Distribution to the Clients |
| Managing Group Update Providers |
- Describe Group Update Providers - Describe how to Add Group Update Providers - Describe how to Monitor Group Update Providers |
| Manually Downloading Certified and Rapid Release Definitions |
- Describe how to Download Certified SEPM Definitions from Symantec Security Response - Describe how to Download Rapid Release Definitions from Symantec Security Response - Describe how to Locate Statically Named Definitions |
| Protecting Against Network Attacks and Enforcing Corporate Policies Using the Firewall Policy |
- Understand how to Prevent Network Attacks - Examine Firewall Policy Elements - Describe How to Create Custom Firewall Rules - Describe Advanced Firewall Features |
| Blocking Network Threats with Intrusion Prevention |
- Describe Intrusion Prevention Technologies - Describe how to Configure the Intrusion Prevention Policy - Understand how to Manage Custom Signatures - Describe how to Monitor Intrusion Prevention Events |
| Protecting Memory with Memory Exploit Mitigation | - Describe Memory Exploit Mitigation |
| Preventing File-Based Attacks with SEP Layered Security |
- Describe Virus and Spyware Protection - Understand File Reputation - Describe Insight Lookup - Describe the Emulator and Machine Learning Engine - Understand Download Insight - Understand Auto-Protect Scans - Describe SONAR - Understand Administrator-Defined Scans |
| Securing Windows Clients |
- Describe the Windows Virus and Spyware Protection Policy - Describe how to Tailor Scans to Meet an Environment’s Needs - Describe how to Ensure Real-Time Protection for Clients - Understand Detecting and Remediating Risks in Downloaded Files - Describe how to Identify Zero-Day and Unknown Threats - Describe how to Prevent Email from Downloading Malware - Describe how to Configure Advanced Options - Describe how to Monitor Virus and Spyware Activity |
| Restricting Device Access for Windows and Mac Clients |
- Describe Windows and Mac Device Control Concepts - Understand How to Configure Device Control - Understand How to Monitor Device Control Events |
| Hardening Clients with System Lockdown |
- Describe System Lockdown - Understand How to Create the File Fingerprint List - Describe System Lockdown Use Cases |
| Customizing Protection Based on User Location |
- Understand How to Create Locations - Describe Adding Policies to Locations - Understand How to Monitor Location Awareness |
| Managing Security Exceptions |
- Describe Security Exceptions - Describe Exclusions - Understand How to Manage Exceptions - Understand How to Monitor Security Exceptions |
| Endpoint Detection and Response – Introduction |
- Describe Symantec Endpoint Detection and Response Business Objectives - Describe the Components of Symantec Endpoint Detection and Response - Describe SEDR Shared Technologies |
| Architecting and Sizing | - Understand SEDR Architecture and Sizing |
| Implementation |
- Describe SEDR System Requirements - Understand SEDR Installation Considerations - Describe the SEDR Management Console - Describe SEDR User Accounts and Roles - Understand SEDR Integration with Symantec Endpoint Protection |
| Detecting Threats in the Environment |
- Understand Suspicious & Malicious Activity with SEDR - Describe Prerequisite SEDR Threat Detection Configuration - Identify evidence of suspicious/malicious activity with SEDR |
| Investigating Threats in the Environment |
- Search for indicators of Compromise with SEDR - Analyze Endpoint Activity Recorder Data - Describe Additional SEDR Investigation Tools |
| Responding to Threats in the Environment |
- Understand Threat Response in the Cybersecurity Framework for use with SEDR - Isolate/Deny/Remove Threats in the Environment with SEDR - Tune the SEDR Environment |
| Reporting on Threats in the Environment | - Understand SEDR Incident Reporting |
| Managing System Settings |
- Understand user managed certificates in the SEDR environment - Understand SEDR event and incident forwarding - Describe Splunk integration with SEDR |
To ensure success in Broadcom Endpoint Protection Admin Technical Specialist certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for Symantec Endpoint Protection 14.x Admin R2 Technical Specialist (250-605) exam.