ST0-135 Symantec Network Access Control 12 Technical Exam Set 8

The administrator at Lifeline Supply Company wants to use the Symantec Network Access Control Manager to upgrade clients to the latest Maintenance Release. What must be done to distribute the delta install packages to the client?


Options are :

  • deploy the maintenance release with the Migration and Deployment tools
  • export new install packages to deploy with the Altiris Integration Component
  • enable the product update settings in the LiveUpdate Policy
  • add a new Client Install Package with the maintenance release (Correct)

Answer : add a new Client Install Package with the maintenance release

Which two third-party tools can be used to connect remotely to an Enforcer appliance? (Select two.)


Options are :

  • Telnet
  • RPC
  • Wireshark
  • HyperTerminal (Correct)
  • PUTTY (Correct)

Answer : HyperTerminal; PUTTY

When upgrading the Enforcer to a new version, what should be selected from the GRUB boot menu?


Options are :

  • Symantec SetUp
  • Setup Symantec Enforcer from CD-ROM (Correct)
  • Reset to Factory Image
  • Boot Symantec Enforcer from Hard Disk

Answer : Setup Symantec Enforcer from CD-ROM

Which command can be issued from the command line interface to restart the Enforcer appliance?


Options are :

  • restart
  • shutdown
  • reboot (Correct)
  • init 0

Answer : reboot

An organization's security policy permits senior management members to defer Host Integrity remediation for up to four hours after logging in. Which two tasks should the administrator perform to ensure complete compliance with the security requirement? (Select two.)


Options are :

  • Place senior management members in a Symantec Endpoint Protection group with inheritance turned off. (Correct)
  • Configure all Host Integrity checks to defer remediation
  • Define location awareness for senior management members' LAN(s).
  • Enable exceptions for senior management members' Organizational Unit.
  • Properly set Remediation Dialog Options. (Correct)

Answer : Place senior management members in a Symantec Endpoint Protection group with inheritance turned off. Properly set Remediation Dialog Options.

An organization needs to run a customer saved script using a Host Integrity policy. Which variable should the administrator use to execute the script?


Options are :

  • %F% (Correct)
  • %script%
  • $NameOfScript where NameOfScript = the name of the script
  • $PathToScript where PathToScript = the location of the script

Answer : %F%

What is the first step to troubleshoot a custom requirement in a Host Integrity policy?


Options are :

  • Run the Host Integrity check on a similar system
  • Examine the logic structure of the conditions. (Correct)
  • Check the properties of the endpoint from the client's page.
  • Examine the Security Compliance summary reports.

Answer : Examine the logic structure of the conditions.

By default, what is the baud rate for a serial connection when connecting to an Enforcer appliance?


Options are :

  • 57600
  • 2400
  • 9600 (Correct)
  • 19200

Answer : 9600

In addition to 802.1x Port Based Access Control, what is required from the switch configuration when creating a Quarantine VLAN environment for LAN Enforcement?


Options are :

  • Link Layer Discovery Protocol (LLDP)
  • Power over Ethernet (PoE)
  • VLAN Trunking Protocol
  • Dynamic VLAN Switching (Correct)

Answer : Dynamic VLAN Switching

An organization needs a Symantec Network Access Control solution that will ensure an endpoint is compliant with Host Integrity policy and that Active Directory credentials are checked before granting access to the organization's production network. When configuring the switch for 802.1x enforcement, which system should the administrator specify as providing RADIUS authentication services?


Options are :

  • Microsoft Active Directory Domain Controller
  • Symantec Endpoint Protection Manager
  • Symantec LAN Enforcer (Correct)
  • Third Party LDAP Directory Server

Answer : Symantec LAN Enforcer

How many separate enforcement modes can be configured from a 6100 Enforcer?


Options are :

  • 3
  • 1
  • 4
  • 2 (Correct)

Answer : 2

When a client location changes, how long does it take the client to retrieve and evaluate the existing Host Integrity policy assigned to the location?


Options are :

  • The client retrieves the Host Integrity policy during the next heartbeat and immediately evaluates the policy.
  • The client immediately retrieves the Host Integrity policy from the management server and immediately evaluates the policy.
  • The client has the Host Integrity policy cached and immediately evaluates the policy. (Correct)
  • The client retrieves the Host Integrity policy during the next heartbeat and runs the evaluation as specified.

Answer : The client has the Host Integrity policy cached and immediately evaluates the policy.

Which two are characteristics of the Gateway Enforcer? (Select two.)


Options are :

  • uses UDP 39999 to query the client about its Host Integrity result (Correct)
  • enables network administrators to create white lists that depend on MAC Addresses
  • looks up username and password from Symantec Endpoint Protection Manager
  • enables the download of the On-Demand agent through an HTTP redirect (Correct)
  • checks all clients as they move both inbound and outbound of a protected network

Answer : uses UDP 39999 to query the client about its Host Integrity result; enables the download of the On-Demand agent through an HTTP redirect

Lifeline Supply Company initiated a staged migration process from Symantec Antivirus Corporate Edition (SAVCE) 10.1 to Symantec Network Access Control. During the migration, the IT administrator wants to generate reports from the Symantec Network Access Control Manager (SEPM) on the clients that have been migrated and gather reporting information from the SAVCE 10.1 clients. Which two actions must be completed in order to gather the reporting information? (Choose two.)


Options are :

  • provide the IP addresses or DNS names of the reporting servers to the SEPM
  • migrate the SAVCE reporting database using the Migration and Deployment Wizard
  • configure the SEPM to receive Symantec Antivirus version 10.x log files (Correct)
  • provide the IP address or DNS name for the Symantec System Center through the SEPM
  • configure Reporting Server under Reporting Configurations in the Symantec System Center (Correct)
  • migrate the SAVCE reporting servers using the Migration and Deployment Wizard

Answer : configure the SEPM to receive Symantec Antivirus version 10.x log files; configure Reporting Server under Reporting Configurations in the Symantec System Center

An organization's security policy requires Host Integrity checking only when laptops are connected to the production network. Which task should be performed to comply with the security policy requirement?


Options are :

  • Set Host Integrity policy requirements to "Only do Host Integrity checking through the Gateway or DHCP Enforcer".
  • Set Location Communication Setting Heartbeat to desired interval.
  • Set Communication Settings Heartbeat to desired interval in Client group policy settings
  • Set Host Integrity requirements to "Only do Host Integrity checking when connected to the management server". (Correct)

Answer : Set Host Integrity requirements to "Only do Host Integrity checking when connected to the management server".

What is the purpose of the secure workstation templates in their default configuration?


Options are :

  • check and enforce the proper application of endpoint computer policy
  • check and enforce specific Symantec Endpoint Protection policies
  • check and enforce specific predefined requirement logic
  • check and enforce various system configuration settings on endpoint systems (Correct)

Answer : check and enforce various system configuration settings on endpoint systems

Which three policies are created when you migrate from Symantec AntiVirus Corporate Edition (SAVCE)? (Choose three.)


Options are :

  • Application and Device Control
  • LiveUpdate (Correct)
  • Antivirus and Antispyware (Correct)
  • Centralized Exceptions (Correct)
  • Intrusion Prevention

Answer : LiveUpdate; Antivirus and Antispyware; Centralized Exceptions

An organization's remediation process requires the installation of custom software. During the installation process the system prompts the user for input. What can the administrator do to ensure the remediation process completes if a user is logged out?


Options are :

  • Ensure the remediation has a reasonable time-out specified.
  • Set Host Integrity requirements to "Only do Host Integrity checking when logged in".
  • Use a predefined template that checks for any logged-in users.
  • Create a custom requirement to run the installation in logged-in user context. (Correct)

Answer : Create a custom requirement to run the installation in logged-in user context.

Lifeline Supply Company employs 900 individuals at their location. Their data center is running Microsoft Exchange 2007 and an Oracle database. They are currently running different versions of Symantec Antivirus Corporate Edition managed through the Symantec System Center. They plan to migrate to Symantec Network Access Control and the IT director has to consider cost to benefit ratios given budgetary restrictions. Which site design best fits this company's cost to benefit ratio requirements?


Options are :

  • single site design with the embedded database and multiple Symantec Network Access Control Managers
  • single site design with one Microsoft SQL database and multiple Symantec Network Access Control Managers
  • single site design with the embedded database and one Symantec Network Access Control Manager (Correct)
  • single site design with clustered Microsoft SQL databases and multiple Symantec Network Access Control Managers

Answer : single site design with the embedded database and one Symantec Network Access Control Manager

An administrator for an organization that uses a PPTP VPN for Network Address Translation is configuring the On-Demand feature. What does the administrator need to do to the Enforcer configuration to enable downloading of the On-Demand clients through the VPN device?


Options are :

  • Add a static route to the Enforcer, using the IP and netmask of the address pool that the VPN device assigns to clients. (Correct)
  • Configure the Trusted Internal IP Address Range, making sure to enable the client to communicate with the RADIUS/IAS server.
  • Configure the On-Demand HTTPS download feature.
  • Add the firewall and VPN devices to the MAC Address Bypass list on the Enforcer.

Answer : Add a static route to the Enforcer, using the IP and netmask of the address pool that the VPN device assigns to clients.

Where is the Enforcer group defined?


Options are :

  • in the Symantec Endpoint Protection Manager Console under the Global group
  • in the Enforcer "Initial Configuration" wizard
  • in the Enforcer command line interface (Correct)
  • in the Symantec Endpoint Protection Manager Console under the Server tab

Answer : in the Enforcer command line interface

To enforce Host Integrity policies when using the Self-enforcement model, where is the "Quarantine policies when host integrity fails" setting located in the Symantec Endpoint Protection Manager?


Options are :

  • Clients page > Policies tab > Location-specific Policies and Settings > Quarantine (Correct)
  • Virus and Spyware Protection Policy > Quarantine > Advanced Options
  • Clients page > Clients tab > Quarantine > Location-specific Policies and Settings
  • Virus and Spyware Protection Policy > Advanced Options > Quarantine

Answer : Clients page > Policies tab > Location-specific Policies and Settings > Quarantine

Which enforcer command verifies there is a connection between the Symantec Endpoint Protection Manager and the Enforcer if the Gateway Enforcer is missing from the Symantec Endpoint Protection Management Console?


Options are :

  • show connection
  • show status (Correct)
  • show sepm
  • show debug

Answer : show status

An organization's administrator has deployed Symantec Network Access Control to every workstation in its network. The organization needs to perform an inventory of the version of a particular application to determine if it is up to date. If it is out of date, a patch needs to be installed. What should the administrator use to accomplish this?


Options are :

  • a custom Host Integrity policy (Correct)
  • the "PatchLink" template check
  • a custom firewall rule to monitor for the application's fingerprint
  • an Application and Device Control policy

Answer : a custom Host Integrity policy

Which two features are available only when multiple Symantec Network Access Control Managers are deployed? (Choose two.)


Options are :

  • failover (Correct)
  • increased server security
  • quarantine collection
  • load balancing (Correct)
  • data compression

Answer : failover; load balancing

Which command can be issued from the command line interface to run the Enforcer service?


Options are :

  • start (Correct)
  • runenforcer
  • startenforcer
  • run

Answer : start

What is always replicated when replicating data between Symantec Network Access Control Managers?


Options are :

  • groups, logs, policies
  • administrators, groups, policies (Correct)
  • content, install packages, logs
  • policies, domains, install packages

Answer : administrators, groups, policies

Which two are purposes of a location-based Host Integrity policy? (Select two.)


Options are :

  • to apply a new IPS policy to client groups in another location
  • to apply a more stringent Host Integrity policy than another location (Correct)
  • to increase the strength of the anti-virus policy in another location
  • to have a custom script run when connected to a different location (Correct)
  • to switch firewall rules when connected to an external network

Answer : to apply a more stringent Host Integrity policy than another location; to have a custom script run when connected to a different location

Which tool is used to access the command line interface over the network?


Options are :

  • Telnet
  • serial
  • SSH (Correct)
  • RDP

Answer : SSH

Which common functions are available in an operating system requirement?


Options are :

  • wait, log a message, disable Symantec Network Access Control
  • specific retry interval, allow user to cancel remediation, set timestamp (Correct)
  • run a script, set a registry value, restart host integrity check
  • download installation package, allow user to cancel remediation, invoke application startup command

Answer : specific retry interval, allow user to cancel remediation, set timestamp

Which two troubleshooting methods are useful when working with custom requirements in Host Integrity checking? (Select two.)


Options are :

  • Carefully examine the properties of the Symantec Endpoint Protection Manager.
  • Use registry message logging to help debug the execution sequence. (Correct)
  • Enable pass and fail pop-up messages in the Host Integrity Policy Advanced Settings. (Correct)
  • Check the LiveUpdate SRT website for current policy updates.
  • Check the group structure in the Symantec Endpoint Protection Manager for anomalies.

Answer : Use registry message logging to help debug the execution sequence. Enable pass and fail pop-up messages in the Host Integrity Policy Advanced Settings.

Which command does an administrator use to halt On-Demand access after logging into a Gateway Enforcer?


Options are :

  • on-demand stop
  • on-demand terminate
  • on-demand halt
  • on-demand disable (Correct)

Answer : on-demand disable

Which custom requirement conditions can an administrator use to verify the integrity of a given executable?


Options are :

  • file fingerprint equals, compare file date to (Correct)
  • file signature file equals, file exists
  • file MD5 equals, compare file age to
  • file version equals, dll called is

Answer : file fingerprint equals, compare file date to
