ST0-135 Symantec Network Access Control 12.1 Technical Assessment Set 6

At the Enforcer (debug)# prompt, which command enables the most detailed level of debugging?   


Options are :

  • level engineer (Correct)
  • level error
  • level fine
  • level verbose

Answer : level engineer

An administrator has upgraded a Symantec Endpoint Protection Manager to include Symantec Network Access Control. How should the administrator deploy compliance checking to existing Symantec Endpoint Protection clients? 


Options are :

  • Edit the 'Client Install Setting' to include compliance checking
  • Create compliance checking policies on a per location basis. (Correct)
  • Create compliance checking and add to the 'Location Specific Setting'
  • Edit the client feature set to include compliance checking

Answer : Create compliance checking policies on a per location basis.

How can an administrator provide computers on a quarantine VLAN with access to remediation materials without using static routes?   


Options are :

  • Multi-home the remediation server and connect one NIC to a port assigned to the quarantine VLAN. (Correct)
  • Create a static route from the quarantine VLAN to the Symantec Endpoint Protection Manager in the Enforcer command line interface.
  • Assign a virtual IP address to the NIC on the remediation server and add it to the quarantine VLAN.
  • Put a wireless access point on the quarantine VLAN to provide wireless access to quarantined clients.

Answer : Multi-home the remediation server and connect one NIC to a port assigned to the quarantine VLAN.

A Host Integrity policy has a complex custom conditional check that has three IF THEN statements, two of which have ELSE statements. How many ENDIF statements are required?


Options are :

  • 3 (Correct)
  • 0
  • 1
  • 5

Answer : 3

In an Enforcer command line interface, which filter is used to capture communication traffic between an Enforcer and a Symantec Endpoint Protection Manager?   


Options are :

  • spm (Correct)
  • client
  • query
  • auth

Answer : spm

What is the default time interval for Host Integrity checks?   


Options are :

  • 2 minutes (Correct)
  • 5 minutes
  • Continuous
  • 30 minutes

Answer : 2 minutes

Which check can be performed using custom requirements to verify whether "a product is installed" on a client machine?   


Options are :

  • check the service snap-in to see if the product is installed
  • check the policy document to see if the product is installed
  • check the registry keys to see if the product is installed
  • check the IT documentation to see if the product is installed (Correct)

Answer : check the IT documentation to see if the product is installed

What should an administrator do to obtain additional information about Host Integrity checking for a newly implemented Host Integrity policy? 


Options are :

  • Create a customized computer status report on the management server.
  • Enable debug logging on the enforcer.
  • Enable the reporting of additional log events on the client systems.
  • Set verbose logging on the Host Integrity policy. (Correct)

Answer : Set verbose logging on the Host Integrity policy.

A Help Desk technician determines that a client's Host Integrity event indicates it is failing a requirement, but the client's computer is still able to access the network, even after rerunning the check several times. Why will the client's Host Integrity status still pass?   


Options are :

  • The requirement logic is malfunctioning.
  • The log search must be rerun to update the status.
  • The policy has been configured to pass even if the requirement fails (Correct)
  • The administrator has configured the operating system to ignore Host Integrity even when it fails.

Answer : The policy has been configured to pass even if the requirement fails

On which product can Symantec Network Access Control functionality be enabled?   


Options are :

  • Symantec Critical System Protection 5.2
  • Symantec AntiVirus 10.2
  • Symantec Client Security 3.1 (Correct)
  • Symantec Endpoint Protection 12.1

Answer : Symantec Client Security 3.1

When a client fails Host Integrity check, it may be restricted only to the resources necessary to become compliant. In the Integrated Enforcer, where are these resources added?   


Options are :

  • Symantec Centralized Quarantine Server
  • None
  • Symantec Endpoint Protection Manager list
  • Automatic Quarantine Configuration (Correct)
  • Centralized Exceptions Policy

Answer : Automatic Quarantine Configuration

Which information do the Enforcer System logs contain?   


Options are :

  • client connections
  • connection attempts
  • configuration changes (Correct)
  • Enforcer kernel modules

Answer : configuration changes

When a compliance log event indicates a failed signature file check, to which predefined requirement does this event relate? 


Options are :

  • file condition
  • antivirus and antispyware condition (Correct)
  • firewall condition
  • registry condition

Answer : antivirus and antispyware condition

Which two considerations are important when implementing a Host Integrity policy to remediate operating system patch conditions? (Select two.)

A. if the patch is subject to dependencies or prerequisites

B. if the patch is the correct version for the antivirus software and firewall

C. if the patch is for 32- or 64-bit operating systems

D. if the patch is for a Windows or Linux system

E. if the patch is for an On-Demand client



Options are :

  • A,B
  • A,C (Correct)
  • B,C
  • A,D

Answer : A,C

What must be completed before registering an Enforcer appliance with the Symantec Endpoint Protection Manager? 


Options are :

  • Re-image appliance.
  • Set time zone and shared-secret.
  • Set initial IP address and shared-secret
  • Perform initial configuration. (Correct)

Answer : Perform initial configuration.

When is Host Integrity checking enabled on a Symantec Network Access Control client?   


Options are :

  • during the heartbeat authentication process with the Enforcer
  • when the Symantec Network Access Control client is updated by LiveUpdate for content
  • when the Host Integrity policy is configured and distributed to the client (Correct)
  • automatically when an upgrade to Symantec Network Access Control is applied

Answer : when the Host Integrity policy is configured and distributed to the client

What happens if the Enforcer group is unspecified when entering the spm command in the Enforcer command line interface? 


Options are :

  • It places the Enforcer in the Default group.
  • It registers the Enforcer without a group.
  • It fails to register the Enforcer
  • It creates a group using the Enforcer hostname. (Correct)

Answer : It creates a group using the Enforcer hostname.

Which two ways does the Gateway Enforcer support authentication for On-Demand clients? (Select two.)

A. RADIUS Authentication

B. RSA SecurID

C. Symantec Endpoint Protection Database

D. NDS Authentication

E. Gateway Enforcer Local Database



Options are :

  • B,C
  • C,D
  • A,E (Correct)
  • A,B

Answer : A,E

How can an administrator ensure that LAN Enforcer appliances have the same settings?   


Options are :

  • Create LAN Enforcer group in Symantec Endpoint Protection Manager Console and add both Enforcers
  • Configure Replication in Symantec Endpoint Protection Manager and mark the checkbox to include LAN Enforcers.
  • Edit the synchronization.conf on both Enforcers to contain address of each Enforcer
  • Connect to LAN Enforcer and specify the same group Enforcer name with configure > spm > group (Correct)

Answer : Connect to LAN Enforcer and specify the same group Enforcer name with configure > spm > group

Which command parameter provides a valid method for establishing the shared secret between the Enforcer appliance and the Symantec Endpoint Protection Manager?   


Options are :

  • keygen
  • keymap
  • keyhash (Correct)
  • keyreg

Answer : keyhash

Which two functions can Symantec Network Access Control Host Integrity check for and automate to reduce Help Desk calls for IT support? (Select two.)

A. detect and prevent keystroke loggers from running

B. ensure required software applications such as Altiris are running

C. encrypt wireless communications for local administrative users

D. start services that have been stopped by users

E. query Insight reputation for a new file download


Options are :

  • B,D (Correct)
  • B,C
  • A,B
  • C,D

Answer : B,D

In addition to the Host Integrity policy, which policy is required to enforce network access using the Self-enforcement method?   


Options are :

  • Centralized Exception policy
  • Firewall policy (Correct)
  • Device Control policy
  • Application Control policy

Answer : Firewall policy

A virus outbreak is occurring in an organization's network where a registry setting is changed to prevent the control panel from opening. Which two Symantec Network Access Control custom options can the organization's administrator use to remediate the condition caused by the virus? (Select two.)

A. Create a custom Host Integrity script that removes the virus's executable.

B. Create a custom firewall rule to block access to the registry by the virus.

C. Create a custom Host Integrity policy that kills the control panel process.

D. Create a custom firewall rule to prevent remote registry access.

E. Create a custom Host Integrity requirement that reverts the registry setting.



Options are :

  • B,C
  • C,D
  • A,E (Correct)
  • A,B

Answer : A,E

Which two command line entries will register an Enforcer with the Symantec Endpoint Protection Manager? (Select two.)

A. configure spm {[ip <ipaddress>] | [subnet mask <netmask>] | [http <port-number>] | [key <keyname>]}

B. configure spm {[ip <ipaddress>] | [client_group <group-name>] | [http <port-number>] | [key <key-name>]}

C. configure spm {[ip <ipaddress>] | [group <group-name>] | [http <port-number>] | [key <keyname>]}

D. configure spm {[ip <ipaddress>] | [domain <domain-name>] | [https <port-number>] | [key <shared-key>]}

E. configure spm {[ip <ipaddress>] | [http <port-number>] | [key <key-name>]}


Options are :

  • A,B
  • B,C
  • C,D
  • A,D
  • C,E (Correct)
  • None of the Above

Answer : C,E

An administrator is configuring a LAN enforcement and is not sure if the switch is communicating with the Enforcer. The administrator needs to look at the traffic in real time. Which command should the administrator use?   


Options are :

  • snoop -d -i -v
  • capture filter all verbose start (Correct)
  • tcpdump -i eth0 -vv
  • show kernel live

Answer : capture filter all verbose start

An organization's administrator configures a LAN Enforcer to function with the HubNet SX1337 layer two managed switch that uses 802.1x. While attempting to select switch models, the administrator finds that HubNet is unlisted and so selects "Other". After configuring the rest of the properties, the administrator finds that the Enforcer is sending dynamic VLAN assignments to the correct IP address; however, the switch is failing to switch VLANs. Which required setting with the "Other" switch model selection did the administrator overlook?   


Options are :

  • action switch to V-LAN quarantine
  • action switch to V-LAN production
  • send custom RADIUS attributes to switch (Correct)
  • send custom RADIUS attributes to Enforcer

Answer : send custom RADIUS attributes to switch

Which two components run Host Integrity checking? (Select two.)

A. Symantec Endpoint Protection client

B. Symantec Network Access Control LAN Enforcer

C. Symantec Network Access Control On-Demand client

D. Symantec Network Access Control Gateway Enforcer



Options are :

  • C,D
  • B,C
  • A,C (Correct)
  • A,B

Answer : A,C

When using Symantec Network Access Control Integrated Enforcer, which two additional components are required for guest access with Host Integrity checking? (Select two.)

A. LAN Enforcer

B. Gateway Enforcer

C. Symantec Endpoint Protection Manager

D. Microsoft IAS Server

E. Microsoft Active Directory Domain Controller


Options are :

  • B,C (Correct)
  • B,D
  • A,E
  • A,B

Answer : B,C

What should be considered when developing a Host Integrity policy?   


Options are :

  • the third-party deployment packages that will need to be deployed for endpoints that are excluded from the Host Integrity policy
  • the order in which the requirements are checked and the operation required for remediation (Correct)
  • the users that will be permitted to interact with remediation resources and processes
  • the specific elements to assess patch levels on non-Windows systems and the script logic for remediation

Answer : the order in which the requirements are checked and the operation required for remediation

In addition to the local database on LAN Enforcer and an upstream RADIUS server, which method is possible for MAC Authentication Bypass?   


Options are :

  • SQL to Oracle database
  • SQL to Great Bay database
  • LDAP to Active Directory
  • LDAP to Great Bay database (Correct)

Answer : LDAP to Great Bay database
