ST0-135 Symantec Network Access Control 12.1 Technical Asses Set 4

What is a characteristic of the Symantec Network Access Control Integrated Enforcer for Integrated Enforcers? 


Options are :

  • It provides 802.1x enforcement.
  • It is only available as a plug-in. (Correct)
  • It is installed as an appliance.
  • It requires a DHCP Proxy.

Answer : It is only available as a plug-in.

What is a valid deployment methodology for updating the version of Symantec Network Access Control client? 


Options are :

  • Import the updated client to the Symantec Endpoint Protection Manager as a client package and all clients will update automatically.
  • Use Auto-Upgrade to update groups of clients through the Symantec Endpoint Protection Manager with the new client package. (Correct)
  • Apply the update to the Enforcer and the update will be applied to each client when it is challenged.
  • Execute the client patch on the Symantec Endpoint Protection Manager and it will be distributed to all clients automatically

Answer : Use Auto-Upgrade to update groups of clients through the Symantec Endpoint Protection Manager with the new client package.

What can be used in a Host Integrity policy to check for products that Symantec omits from built-in checks? 


Options are :

  • pre-configured checks
  • predefined requirements
  • custom requirements (Correct)
  • pre-configured checks

Answer : custom requirements

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Exam Set 2

When testing 802.1x environments with LAN enforcement, where can an administrator confirm whether the user credentials provided by a client are accepted or rejected?   


Options are :

  • Compliance: Enforcer Authentication
  • Compliance: Enforcer Client (Correct)
  • RADIUS Enforcer System logs
  • Compliance: Audit logs

Answer : Compliance: Enforcer Client

Which two components are included in the disaster recovery file? (Select two.)A. sylink.xmlB. config.propertiesC. encryption passwordD. certificate filesE. database



Options are :

  • A,E
  • A,B
  • C,D (Correct)
  • B,C

Answer : C,D

An employee has an employer-issued laptop with Symantec Endpoint Protection client installed.Symantec Network Access Control is enabled on the laptop. Employees are permitted to connectfrom a remote network to a corporate network via a VPN connection. The clients connect througha Gateway Enforcer to access the corporate network.What happens first when the employee connects to the corporate network from home though theVPN tunnel?


Options are :

  • The client computer provides compliance information directly to the Symantec Endpoint Protection Manager.
  • A LiveUpdate occurs to update Host Integrity templates
  • An On-Demand client is downloaded.
  • The client computer provides compliance information to the Gateway Enforcer. (Correct)

Answer : The client computer provides compliance information to the Gateway Enforcer.

250-371 Administration Symantec NetBackup 7.5 Windows Exam Set 6

An organization that is deploying Symantec products needs to use network access control, antivirus and spyware, proactive threat protection, and network threat protection software. Which Symantec client(s) should be installed on the organization's workstations? 


Options are :

  • Symantec Endpoint Protection and the Symantec On-Demand clients
  • Symantec Endpoint Protection client (Correct)
  • Symantec Network Access Control and Symantec Endpoint Protection clients
  • Symantec Network Access Control client

Answer : Symantec Endpoint Protection client

Which Host Integrity template policies are included with Symantec Network Access Control?   


Options are :

  • enforce password complexity, WSUS waiting packages are installed, terminate application with a certain fingerprint (Correct)
  • check Host Integrity every X minutes, allow the user to cancel remediation, continue to check requirements after one fails
  • NONE
  • download a file, Registry: Set registry file, Registry: Increment registry DWORD value
  • antivirus requirement, firewall requirement, service pack requirement

Answer : enforce password complexity, WSUS waiting packages are installed, terminate application with a certain fingerprint

What is the most likely cause of a Gateway Enforcer log entry indicating that an endpoint has been 'Rejected'? 


Options are :

  • Host Integrity failed but was told to pass.
  • Host Integrity has failed on the endpoint.
  • Port 69999 is blocked on the endpoint.
  • Port 39999 is blocked on the endpoint (Correct)

Answer : Port 39999 is blocked on the endpoint

ST0-91W ST0-91W Symantec NetBackup 7.0 for Windows Exam Set 4

An unmanaged guest endpoint is permitted onto the production VLAN with 802.1x enabled on the switch port and a guest VLAN is configured. The guest endpoint is sent to a guest VLAN. What is the reason this is occurring?   


Options are :

  • The switch action table is configured improperly. (Correct)
  • The switch failed to receive the endpoint user authentication
  • The switch is incompatible with the Symantec Endpoint Protection client.
  • The Wireless AutoConfig service on the client has stopped.

Answer : The switch action table is configured improperly.

Which technology is contained in the Symantec Network Access Control agent?   


Options are :

  • Intrusion Prevention
  • Antivirus
  • Firewall
  • Host Compliance (Correct)

Answer : Host Compliance

A security manager asks if a Host Integrity custom requirement can be configured to ensure a current version of a client firewall is operating and properly blocking traffic. Which custom firewall checks can be offered to the security manager?   


Options are :

  • blocking, running
  • processing, blocking
  • installed, running (Correct)
  • installed, processing

Answer : installed, running

ST0-91W Symantec NetBackup 7.0 for Windows (STS) Test Set 8

What happens in an 802.1x environment that depends on Active Directory, if the Active Directory server is offline? 


Options are :

  • Host Integrity results will be ignored
  • User Authentication will be set to pass.
  • Everyone will be allowed through the LAN Enforcer.
  • User Authentication will be unavailable. (Correct)

Answer : User Authentication will be unavailable.

On a LAN Enforcer, which command displays the current mab status?   


Options are :

  • mab show (Correct)
  • mab status
  • mab enable
  • mab live

Answer : mab show

Which two methods are recommended by Symantec for backing up an embedded database?(Select two.)A. Run the Database Backup and Restore wizard found within the Symantec Endpoint ProtectionManager Program Group.B. Copy the contents of the [drive]: Program Files Symantec Symantec Endpoint ProtectionManager data folder.C. Use Symantec authorized third party backup tools to backup the database instance.D. Execute the backup from the Symantec Endpoint Protection Manager Console on the Homepage.E. Select backup from the Symantec Endpoint Protection Manager Console on the Admin page.



Options are :

  • A,B
  • B,C
  • C,D
  • A,E (Correct)

Answer : A,E

ST0-248 Symantec Storage Foundation 6.1 UNIX Technical Exam Set 8

After accessing the network, how is the functionality of the On-Demand client demonstrated?   


Options are :

  • Attempt to view a web page (Correct)
  • See if a valid IP address is assigned.
  • Assue an ipconfig /renew.
  • Attempt to ping the Symantec Endpoint Protection Manager

Answer : Attempt to view a web page

What can trigger a Symantec Endpoint Protection client to switch locations?   


Options are :

  • Client restarts.
  • Client receives a new Host Integrity policy
  • Client's network address changes. (Correct)
  • Client's group policy communication settings change.

Answer : Client's network address changes.

What is the Symantec recommended first step in upgrading the Symantec Endpoint Protection Manager to the next release?   


Options are :

  • Enable Local Authentication.
  • Turn off replication
  • Backup the database. (Correct)
  • Stop the Symantec Endpoint Protection Manager service

Answer : Backup the database.

ST0-248 Symantec Storage Foundation 6.1 UNIX Technical Exam Set 11

What are two capabilities of the Symantec Network Access Control client? (Select two.)A. provide SONAR protectionB. check for third party security softwareC. scan for virusesD. execute custom scriptsE. provide Network Threat Protection



Options are :

  • B,E
  • B,C
  • A,B
  • A,C
  • B,D (Correct)

Answer : B,D

A computer that has been taken outside of an organization's network is unable to gain access to any network resources. The Endpoint Protection Client reports that Host Integrity has failed and is quarantined. What is the most likely cause of the failure? 


Options are :

  • The client cannot authenticate through an Enforcer appliance.
  • Applying Host Integrity policy to locations is unsupported.
  • The client is unable to auto-remediate because remediation resources are inaccessible externally (Correct)
  • The firewall policy is unavailable on the client computer because the endpoint is unable to download the policy.

Answer : The client is unable to auto-remediate because remediation resources are inaccessible externally

Which method can be used to upgrade a Symantec Endpoint Protection Manager to include Symantec Network Access Control functionality? 


Options are :

  • Run the Upgrade wizard. (Correct)
  • Run the SNAC.exe.
  • Use add/remove programs
  • Perform a MSI push.

Answer : Run the Upgrade wizard.

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 1

Which enforcement method requires the least amount of effort to implement, can restrict network traffic if desired, and has the least impact on the customer network? 


Options are :

  • Gateway Enforcement
  • Self Enforcement (Correct)
  • Integrated Microsoft DHCP Enforcement
  • LAN Enforcement

Answer : Self Enforcement

Which number must a port number match when configuring an Enforcer so that it communicates with the Symantec Endpoint Protection Manager?   


Options are :

  • the Web Services Port number
  • the Server Control Port numb
  • the Client Communications Port number (Correct)
  • the Server Port number

Answer : the Client Communications Port number

When installing the Symantec Network Access Control with an external database, what needs to be installed on the Symantec Endpoint Protection Manager prior to installing the manager software? 


Options are :

  • Apache Tomcat
  • Microsoft IIS
  • Microsoft SQL client tools (Correct)
  • Apache web server

Answer : Microsoft SQL client tools

ST0-10X Veritas Storage Foundation 5 for Unix Practice Test Set 5

Which policy type does Symantec Network Access Control client use?   


Options are :

  • Virus and Spyware
  • Application Control
  • Host Integrity (Correct)
  • Intrusion Prevention

Answer : Host Integrity

From which log can an administrator determine that the Enforcer has successfully registered with the Symantec Endpoint Protection Manager? 


Options are :

  • Compliance: Enforcer Server (Correct)
  • System Logs: Enforcer Client
  • System Logs: Enforcer Activity
  • Compliance: Enforcer Traffic

Answer : Compliance: Enforcer Server

Which enforcement technology has the ability to deploy the On-Demand client?   


Options are :

  • Integrated Enforcer for Microsoft DHCP Server
  • Gateway Enforcer (Correct)
  • LAN Enforcer
  • Integrated Enforcer for Microsoft Network Access Protection

Answer : Gateway Enforcer

ST0-91W ST0-91W Symantec NetBackup 7.0 for Windows Exam Set 7

Which two enforcement modes can be configured on the Symantec 6100 appliance? (Select two.)A. LAN EnforcerB. DHCP EnforcerC. Integrated DHCP EnforcerD. Gateway EnforcerE. Self Enforcement


Options are :

  • B,C
  • A,B
  • C,D
  • D,E
  • A,D (Correct)

Answer : A,D

Which two are purposes of a location-based Host Integrity policy? (Select two.)A. to apply a more stringent Host Integrity policy than another locationB. to switch firewall rules when connected to an external networkC. to increase the strength of the anti-virus policy in another locationD. to have a custom script run when connected to a different locationE. to apply a new IPS policy to client groups in another location



Options are :

  • B,C
  • C,D
  • A,B
  • A,D (Correct)

Answer : A,D

What happens when the Symantec Endpoint Protection Manager is upgraded to include Symantic Network Access Control functionality?   


Options are :

  • The host integrity policy is enabled in the policy Library. (Correct)
  • Network Access Control has to be enabled manually in the Manager
  • A Symantec Network Access Control Client is deployed to all clients
  • Client without Host integrity policies get dropped into Quarantine.

Answer : The host integrity policy is enabled in the policy Library.

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 3

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions