100+ Free Symantec Email Specialist Practice Questions

Pass your Symantec Email Security.cloud R2 Technical Specialist (250-579) exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately

Not published Pass Rate

100+ Questions

100% Free

1 / 100

Question 1

Score: 0/0

An administrator receives complaints that email from a specific partner is intermittently blocked due to TLS negotiation failures. What should they configure in Email Security.cloud to resolve this?

Configure per-domain TLS enforcement with a minimum TLS version acceptable to the partner's server

Create an IOC entry exempting the partner's IP from blocking

Disable DMARC checks for the partner domain

Add the partner domain to the global blocked senders list exception

to track

Same family resources

Explore More Broadcom Symantec Security Certifications

Continue into nearby exams from the same family. Each card keeps practice questions, study guides, flashcards, videos, and articles in one place.

Symantec Endpoint Security Complete R2 Technical Specialist (250-580)

Practice Questions100 questions

2026 Statistics

Key Facts: Symantec Email Specialist Exam

250-579

Exam Code

Broadcom

70%

Approximate Pass Score

Broadcom (verify)

75-100

Approximate Questions

Broadcom

30 days

Malware Quarantine Retention

Broadcom TechDocs

14 days

Spam Quarantine Retention

Broadcom TechDocs

7 days

Default IOC Retention

Broadcom TechDocs

Broadcom exam 250-579 validates skills in deploying, configuring, and troubleshooting Symantec Email Security.cloud. Topics include the ClientNet portal, Cynic sandbox, click-time URL protection, Email Fraud Protection with DMARC, Data Protection/DLP, quarantine management, and the IOC Blacklist and Data Feed APIs.

Sample Symantec Email Specialist Practice Questions

Try these sample questions to test your Symantec Email Specialist exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.

1What is the primary function of Symantec Email Security.cloud in an organization's email infrastructure?

A.It acts as a cloud-based email gateway that scans inbound and outbound email for threats and policy violations

B.It replaces on-premises mail servers entirely

C.It stores all organizational email in a cloud archive

D.It manages Active Directory user accounts for email access

Explanation: Symantec Email Security.cloud is a cloud-based email gateway (secure email gateway as a service) that scans all inbound and outbound email for malware, spam, phishing, and policy violations. It does not replace mail servers but integrates with them by directing email flow through its cloud scanning infrastructure via MX record changes.

2Which DNS record must an administrator update to route inbound email through Symantec Email Security.cloud for scanning?

A.A record

B.TXT record

C.MX record

D.CNAME record

Explanation: MX (Mail Exchanger) records define which mail servers receive email for a domain. To route inbound email through Email Security.cloud, administrators must update the domain's MX records to point to Broadcom's scanning infrastructure. Both primary and secondary MX records must be configured with correct priorities.

3Before switching MX records to Symantec Email Security.cloud, what step must an administrator complete first?

A.Register all organizational mailboxes in the ClientNet portal

B.Deploy Symantec Endpoint Protection agents on all mail servers

C.Disable the on-premises spam filter

D.Configure SPF records to include Symantec IP ranges

Explanation: Broadcom documentation explicitly states that all mailboxes must be registered in ClientNet before switching MX records over to the Email Security.cloud infrastructure. This ensures the service knows which recipients to accept email for and can route correctly without bouncing legitimate mail.

4How does Symantec Email Security.cloud verify that an organization owns a domain before enabling scanning services?

A.By sending a verification email to postmaster@domain.com

B.By checking that the domain's MX records already point to Symantec infrastructure

C.By detecting a validation TXT record or checking MX ownership via DNS

D.By requiring a signed certificate from the domain's registrar

Explanation: Email Security.cloud validates domain ownership by checking for a provided TXT record in the domain's DNS settings or by verifying MX record presence. If no MX records are detected for the domain, DNS TXT validation must be used. This proves control of the domain's DNS before enabling email scanning.

5In the Symantec Email Security.cloud ClientNet portal, which menu path leads to access control settings such as 2FA and IP restrictions?

A.Administration > Access Control

B.Services > Anti-Spam > Access

C.Platform > Security > Portal Access

D.Reports > Audit > Access Events

Explanation: According to Broadcom TechDocs, portal access control settings including password policy, Two-Factor Authentication (2FA), and IP restrictions are configured under Administration > Access Control in the ClientNet portal. Administrators must log in with an administrator account to access these settings.

6Which two-factor authentication technology does Symantec Email Security.cloud use natively for ClientNet portal access?

A.Symantec VIP (Validation and ID Protection)

B.Google Authenticator TOTP codes

C.Duo Security push notifications

D.RSA SecurID hardware tokens

Explanation: Symantec Email Security.cloud supports Two-Factor Authentication (2FA) through Symantec VIP (Validation and ID Protection), which requires users to present VIP credentials alongside their username and password. VIP tokens must be registered separately for the Email Security.cloud portal and the Email Quarantine Portal.

7What is the Cynic component in Symantec Email Security.cloud's threat protection stack?

A.A cloud-based sandbox that performs dynamic analysis of suspicious email attachments

B.A rules-based spam scoring engine using RBL lookups

C.A DMARC alignment checker for inbound messages

D.An outbound TLS enforcement module

Explanation: Cynic is Symantec Email Security.cloud's cloud-based sandboxing engine. It performs dynamic (behavioral) analysis of suspicious email attachments by detonating them in an isolated environment. Cynic is part of the Advanced Threat Protection (ATP) for email and works alongside scan-time URL protection to detect targeted attacks.

8When Email Security.cloud's Anti-Malware service detects an infected email, where is the message sent?

A.Administrator Quarantine

B.Directly to the recipient with a malware warning banner

C.The Email Threat Isolation sandbox for re-rendering

D.A holding queue pending manual admin review within 1 hour

Explanation: When the Anti-Malware or Email Protection Policy service detects a malicious email, it is automatically sent to Administrator Quarantine. This isolates the malware so it cannot infect recipients. Administrators can then search, filter, rescan, or release messages from quarantine up to 30 days after interception.

9How long are malware-quarantined messages retained before automatic deletion in Symantec Email Security.cloud?

A.7 days

B.14 days

C.30 days

D.90 days

Explanation: Malware Quarantine messages are automatically deleted after 30 days. This is distinct from Spam Quarantine messages, which are deleted after 14 days unless otherwise configured. Administrators have up to 30 days to review, rescan, or release quarantined malware messages.

10An administrator wants to re-evaluate a quarantined email using the latest threat signatures after a policy update. What quarantine action should they use?

A.Rescan

B.Release to original recipient

C.Forward to external sandbox

D.Delete permanently

Explanation: The Rescan action re-processes a quarantined email through the current policy and signature set. If the rescan finds the message clean, it is delivered; if newly detected threats are found, it remains in quarantine. This is the correct action when administrators want to reassess a message after a signature or policy update.

About the Symantec Email Specialist Exam

The Broadcom 250-579 certifies technical proficiency in Symantec Email Security.cloud R2, covering cloud email gateway administration, advanced threat protection, email authentication (SPF/DKIM/DMARC), DLP, quarantine management, and the IOC and Data Feed APIs.

Questions

90 scored questions

Time Limit

Not officially published

Passing Score

70% (approximate)

Exam Fee

Verify at Pearson VUE (Broadcom)

Symantec Email Specialist Exam Content Outline

~20%

Email Security.cloud Architecture & Administration

ClientNet portal, domain registration, MX records, RBAC, 2FA, SSO, outbound routing, reporting

~15%

Antimalware & Sandbox (Cynic)

Anti-malware scanning, Cynic sandbox, domain age conditions, Advanced Threat Protection

~20%

Antispam & Link Protection

Anti-spam policies, click-time URL protection, Email Threat Isolation, impersonation control, geo-blocking

~15%

Email Fraud Protection (SPF/DKIM/DMARC)

DMARC enforcement, SPF/DKIM alignment, Anti-EchoSpoofing, phased DMARC rollout

~15%

Data Protection & DLP

DLP policies, managed and custom data lists, PBE Essentials/Advanced, TLS enforcement

~10%

Quarantine Management

Administrator quarantine, spam quarantine, retention periods, rescan/release, quarantine portal

~5%

IOC & Datafeed API

IOC Blacklist API operations, IOC lifecycle, Data Feed API feed types, Email Queue API

How to Pass the Symantec Email Specialist Exam

What You Need to Know

Passing score: 70% (approximate)
Exam length: 90 questions
Time limit: Not officially published
Exam fee: Verify at Pearson VUE

Keys to Passing

Complete 500+ practice questions
Score 80%+ consistently before scheduling
Focus on highest-weighted sections
Use our AI tutor for tough concepts

Symantec Email Specialist Study Tips from Top Performers

1Understand the correct MX record configuration sequence: domain validation → mailbox registration → service configuration → MX cutover

2Know the quarantine retention periods: malware = 30 days, spam = 14 days; and IOC retention: default 7 days, max 30 days

3Master DMARC policy values (p=none/quarantine/reject) and the phased deployment approach toward p=reject

4Distinguish Cynic (attachment sandbox) from Email Threat Isolation (click-time URL rendering) — different threats, different mechanisms

5Learn the Data Feed API types: all, malware, anti-spam, clicktime, threat-isolation, ec-reports — and when each is used

Frequently Asked Questions

What is the Broadcom 250-579 exam?

The Broadcom 250-579 exam is the Symantec Email Security.cloud R2 Technical Specialist certification. It validates technical skills in deploying, administering, and troubleshooting the Email Security.cloud service, including antispam, antimalware, DLP, DMARC email authentication, quarantine management, and the IOC and Data Feed APIs.

How many questions are on the 250-579 exam?

Broadcom indicates approximately 75-100 multiple-choice questions. The exact number and time limit should be verified on the official Broadcom certification exam page or at Pearson VUE before scheduling.

What is the passing score for Broadcom 250-579?

The passing score is approximately 70%, though Broadcom should be consulted for the exact scoring scale and pass mark, as these details are subject to change.

What topics are covered in the 250-579 exam?

The exam covers Email Security.cloud architecture and ClientNet portal administration, antimalware including Cynic sandbox, antispam and click-time URL protection, Email Fraud Protection with SPF/DKIM/DMARC, Data Protection and DLP, quarantine management, and the IOC Blacklist API and Data Feed API.

Is there hands-on lab experience required for the 250-579?

The 250-579 is a multiple-choice knowledge exam delivered via Pearson VUE. However, hands-on experience with the Email Security.cloud ClientNet portal and its services is strongly recommended as the questions are scenario-based and require practical familiarity with the platform.

What is the difference between Cynic and Email Threat Isolation?

Cynic is Symantec's cloud-based sandboxing engine that dynamically analyzes email attachments at scan time to detect targeted attacks. Email Threat Isolation is a different service that renders suspicious web content remotely when users click email links, preventing malicious code execution on user devices and blocking credential entry on phishing sites.