ST0-135 Symantec Network Access Control 12.1 Technical Asses Set 5

A managed endpoint continues to pass Host Integrity even though the endpoint is missing the

required Microsoft Security Critical Updates as defined by the Host Integrity policy. An

administrator has verified that all checks are active and will cause the endpoint to fail Host Integrity

if non-compliant. What are two sources of information the administrator can check to troubleshoot

this problem? (Select two.)

A. Windows System Event Logs on the endpoint

B. Client Network Access Control Log on the endpoint

C. Symantec Endpoint Protection Manager Console in the Admin page Domain tab

D. Symantec Endpoint Protection Manager Console in the Monitors page

E. Symantec Endpoint Protection Manager Console in the Admin page Servers tab



Options are :

  • A,B
  • A,E
  • B,D
  • B,C

Answer : B,D

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 12

Which custom requirement utility allows an administrator the ability to choose an informative icon to display to the end user?   


Options are :

  • run a program
  • show message dialog
  • run a script
  • log message

Answer : log message

When using a non-Symantec (third party) anti-virus solution, which two types of Symantec clients

can be used? (Select two.)

A. Symantec On-Demand client

B. Symantec Compliance Center client

C. Symantec Network Access Control client

D. Symantec Dissolvable client for Linux

E. Symantec Critical System Protection client


Options are :

  • A,B
  • A,D
  • B,C
  • A,C

Answer : A,C

How can access be permitted to remediation services when a client fails the Host Integrity check using a Gateway Enforcer? 


Options are :

  • Add the client's MAC Address to the Mac Address Bypass table
  • Add the client's IP address to the Trusted External IP Address List
  • Add the IP addresses of the hosts to the Trusted Internal IP Address List.
  • Add the client to the Allowed Client table on the Enforcer.

Answer : Add the IP addresses of the hosts to the Trusted Internal IP Address List.

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Exam Set 3

Which protocol is used to transfer packet captures from an Enforcer?   


Options are :

  • HTTP
  • FTP
  • TFTP
  • SFTP

Answer : TFTP

In a multi-site environment, which critical step must be manually taken prior to upgrading the Symantec Endpoint Protection Manager to the next major release? 


Options are :

  • Upgrade the Symantec Endpoint Protection client software.
  • Enable Local Authentication.
  • Stop the Symantec Endpoint Protection Manager service.
  • Turn off replication.

Answer : Turn off replication.

Which packets are periodically sent from an Enforcer to find other Enforcers on the network?   


Options are :

  • Failover
  • Discover
  • ARP
  • OSPF

Answer : Failover

ST0-248 Symantec Storage Foundation 6.1 UNIX Technical Exam Set 4

A guest with a Macintosh laptop without Symantec Endpoint Protection installed connects to an organization's wireless access point to browse a website. The organization uses Symantec Network Access Control with the On-Demand agent feature turned on. Which behavior will the guest's laptop experience? 


Options are :

  • It will be moved to a quarantine VLAN
  • It will be given a quarantine IP address.
  • It will be redirected to an HTTP download page
  • It will be permanently denied all access to the network

Answer : It will be redirected to an HTTP download page

The 802.1x protocol has three major components: Supplicant, Authenticator and Authentication

Server. Which elements serve each of these components when Symantec Network Access

Control is being configured to use LAN Enforcement?


Options are :

  • Supplicant: Symantec Endpoint Protection Client, Authenticator: Symantec LAN Enforcer, Authentication Server: Microsoft Active Directory Domain Controller
  • Supplicant: Network Access Control Client, Authenticator: Symantec Endpoint Protection Policy Manager, Authentication Server: Symantec LAN Enforcer
  • Supplicant: Microsoft Supplicant, Authenticator: Microsoft Active Directory Domain Controller, Authentication Server: Symantec Endpoint Protection Manager
  • Supplicant: Microsoft Supplicant, Authenticator: 802.1x Enabled Switch, Authentication Server: Symantec LAN Enforcer

Answer : Supplicant: Microsoft Supplicant, Authenticator: 802.1x Enabled Switch, Authentication Server: Symantec LAN Enforcer

Which components do Symantec Network Access Control and Symantec Endpoint Protection share? 


Options are :

  • the same manager, database schema, and infrastructure mechanics
  • the same location awareness policy
  • the same Host Integrity policy and Replication policy
  • identical user interfaces and the same installer package

Answer : the same location awareness policy

ST0-91W Symantec NetBackup 7.0 for Windows Practice Exam Set 4

When would the Enforcer need to be reset to factory defaults?   


Options are :

  • to change the type of Enforcer
  • to purge all logs from the Enforcer
  • to purge any errors on the Enforcer
  • to upgrade the Enforcer

Answer : to change the type of Enforcer

Which two databases are supported when Symantec Endpoint Protection Manager is being

configured? (Select two.)

A. Oracle Database 11g

B. Microsoft SQL Server 2005, SP2

C. Microsoft SQL Express, SP1

D. Microsoft SQL Server 2008

E. MySQL Database 5.5


Options are :

  • C,D
  • A,B
  • B,D
  • B,C

Answer : B,D

How does Symantec Network Access Control handle location switching compared to Symantec Endpoint Protection?   


Options are :

  • It uses a reverse logic structure.
  • It excludes locations.
  • It handles locations in the same way.
  • It uses locations instead of groups

Answer : It handles locations in the same way.

ST0-91W Symantec NetBackup 7.0 for Windows (STS) Test Set 6

An organization's security policy requires Host Integrity checks to run only when the client is connecting through a VPN concentrator whose internal interface is attached to a Gateway Enforcer. Which setting should be configured to only check Host Integrity on these external clients, but not check clients on the local network? 


Options are :

  • Block port UDP 39999 on the client firewalls of the internal clients, so that they cannot be challenged by the Enforcer.
  • Select "Only do Host-Integrity checking through the Gateway or DHCP Enforcer".
  • Apply the Host Integrity agent to the external computers only.
  • Add the IP addresses of the internal clients that need not be checked to the "Trusted Internal IP Address Range"

Answer : Select "Only do Host-Integrity checking through the Gateway or DHCP Enforcer".

When a Gateway Enforcer is being deployed, which port needs to be kept open between the clients and the Enforcer? 


Options are :

  • TCP 1812
  • UDP 39999
  • UDP 1812
  • TCP 39999

Answer : UDP 39999

During a disaster recovery process, after reinstalling the Symantec Endpoint Protection Manager, what is the next manual step?   


Options are :

  • Restore the JKS keystore.
  • Restore the database.
  • Restore the Server.xml file.
  • Restore the certificates

Answer : Restore the database.

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 4

An organization has deployed Symantec Network Access Control with LAN Enforcer. Historically, all clients were Windows based endpoints. Now, Linux endpoints that authenticate with Microsoft Active Directory will need to be authenticated through the LAN Enforcer. Which entry needs to be added to the Switch Profile Action table to open the port for Linux endpoints once they have been authenticated through Active Directory user credentials?   


Options are :

  • Host Authentication: Fail, User Authentication: Fail, Policy Check: Ignore, Action: Close Port
  • Host Authentication: Unavailable, User Authentication:Pass, Policy Check: Unavailable, Action: Open Port
  • Host Authentication: Pass, User Authentication: Pass, Policy Check: Pass, Action: Open Port
  • Host Authentication: Pass, User Authentication: Unavailable, Policy Check: Unavailable, Action: Close Port

Answer : Host Authentication: Unavailable, User Authentication:Pass, Policy Check: Unavailable, Action: Open Port

An organization with a Gateway Enforcer behind a VPN concentrator that is performing NAT, determines that clients are being blocked. What is the most likely cause of the problem? 


Options are :

  • The client is missing from the MAC Address Bypass list
  • The Enforcer is placed in the wrong physical location on the network
  • The IP address of the internal interface of the VPN connector needs to be added to the Trusted External IP Address list.
  • Static routes need to be added to the Symantec Endpoint Protection Manager to pass the client traffic.

Answer : The IP address of the internal interface of the VPN connector needs to be added to the Trusted External IP Address list.

Which two network connectivity testing commands are available in the Enforcer command line

interface? (Select two.)

A. Ping

B. Nslookup

C. Traceroute

D. Snoop

E. NBNS query


Options are :

  • B,D
  • A,B
  • A,C
  • A,E
  • B,C

Answer : A,C

250-254 Administration of Symantec Cluster Server 6.1 Test Set 4

Which two are explanations of why auto-location switching may be useful for Host Integrity?

(Select two.)

A. It can define different Remediation sources, based on location.

B. It can enable different Antivirus features, based on location.

C. It can choose different Firewall rule sets, based on location.

D. It can select different Host Integrity checks, based on location

E. It can enable different LiveUpdate features, based on location.


Options are :

  • B,C
  • A,D
  • B,C
  • A,B

Answer : A,D

Which statement is true about Symantec Network Access Control compliance?   


Options are :

  • It provides services needed by a client to bring itself up to spec in order to gain access to network resources.
  • It ensures that endpoints, such as clients and servers, meet specific administrator-defined requirements
  • It provides clients with the ability to configure and deliver content and product updates to other clients in the same topological location
  • It ensures the management of a secure client endpoint through the creation and implementation of group policies.

Answer : It ensures the management of a secure client endpoint through the creation and implementation of group policies.

Which log contains IP address, connection attempt, port information, and the direction of the connection? 


Options are :

  • Enforcer Packet log
  • Enforcer Traffic log
  • Enforcer Kernel log
  • Enforcer Client log

Answer : Enforcer Traffic log

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 3

A guest is unable to download the On-Demand client. The guest is running Windows 7 64-bit and connecting with the Mozilla Firefox browser. The computer has 512 MB RAM and 50 MB free disk space. What is the likely cause of the problem? 


Options are :

  • The guest's browser is unsupported.
  • The guest's system has insufficient disk space.
  • The guest's system has insufficient RAM.
  • The guest's operating system is unsupported

Answer : The guest's system has insufficient disk space.

Which two default user accounts are created on an Enforcer? (Select two.)

A. Superuser

B. Admin

C. Root

D. user

E. symadmin


Options are :

  • C,D
  • A,E
  • B,C
  • A,B

Answer : B,C

On a LAN Enforcer, which command shows the switch action table decisions in real time?   


Options are :

  • show action live
  • show kernel live
  • show auth live
  • show spm

Answer : show kernel live

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Exam Set 2

Which default port must a firewall administrator open to enable communication between an Enforcer and the Symantec Endpoint Protection Manager? 


Options are :

  • 8080
  • 1433
  • 1812
  • 8443

Answer : 1812

Which two event details are included in a standard Host Integrity log file? (Select two.)

A. client Host Integrity status

B. state of each requirement

C. error messages

D. checked parameter

E. enforcer status


Options are :

  • B,C
  • C,D
  • A,E
  • A,B

Answer : A,B

A Helpdesk technician is examining the logs for a particular client when he notices something odd. A Host Integrity event is listed for a client as failing a requirement, but that client machine is still able to access the network even after having the check rerun several times. Why would the client's Host Integrity status still pass?   


Options are :

  • The requirement logic is malfunctioning and the Helpdesk technician should notify the administrator to contact the vendor.
  • The requirement logic is malfunctioning and the Helpdesk technician should notify the administrator to contact the vendor.
  • The administrator has configured that requirement to allow the Host Integrity policy to pass even if it fails
  • The administrator has configured the OS to ignore Host Integrity even when it fails.

Answer : The administrator has configured the OS to ignore Host Integrity even when it fails.

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 12

What will happen if a user switches to a location with a different Host Integrity policy while a Host Integrity check is in progress? 


Options are :

  • The client is permitted guest access to the quarantine network until the next scheduled Host Integrity check.
  • The Host Integrity check will fail and the client will be denied network access.
  • The client will stop the check and the user may get a timeout if attempting to reach remediation resources.
  • The Host Integrity check always completes prior to moving between locations.

Answer : The client will stop the check and the user may get a timeout if attempting to reach remediation resources.

What are the correct connection settings for a serial connection?   


Options are :

  • Data Bits: 8; Parity: odd; Stop Bits: 2
  • Data Bits: 8; Parity: even; Stop Bits: 1
  • Data Bits: 8; Parity: odd; Stop Bits: 1
  • Data Bits: 8; Parity: none; Stop Bits: 1

Answer : Data Bits: 8; Parity: odd; Stop Bits: 2

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions