Information Technology Reference
In-Depth Information
Thought experiment
Endpoint Protection at Tailspin Toys
You have noticed that computers at your organization's Brisbane branch office seem
more susceptible to malware infection than computers at other locations. Some
computers are being infected repeatedly by the same type of malware. Sometimes
the same malware infects multiple collections. You are configuring the collection
alert settings for the Brisbane computers collection. With this information in mind,
answer the following questions:
1.
Which alert option should you configure to detect repeat infections on the same
computer?
2.
Which alert option should you configure to detect the same malware on multiple
computers?
■
System Center Endpoint Protection is an antimalware client that can detect and reme-
diate malware, rootkit, network, and spyware vulnerabilities; automatically download
antimalware definitions and engine updates; and manage Windows Firewall settings.
■
Endpoint Protection requires a Configuration Manager Endpoint Protection point,
which you configure with client settings and, depending on how you want definition
updates delivered, a software update point.
■
You use an antimalware policy to control configuration settings for the Endpoint Pro-
tection client on client computers.
■
You can configure a firewall policy to establish settings for each type of network pro-
file, including domain, private, and public.
Answer the following questions to test your knowledge of the information in this objective.
You can find the answers to these questions and explanations of why each answer choice is
correct or incorrect in the “Answers” section at the end of the chapter.
1.
Which of the following locations can host antimalware definition update files for an
Endpoint Protection client? (Choose three. Each correct answer provides a complete
solution.)
a.
FTP site
B.
Microsoft Update/Microsoft Malware Protection Center
C.
UNC file share
D.
WSUS server
