ST0-237 Symantec Data Loss Prevention 12 Technical Test Set 4

An administrator is attempting to add a new detection server to the Enforce UI. However, the administrator only has the ability to add Network Monitor and Endpoint servers. The option to add a Discover server is missing. What does the administrator need to do to add an additional server type?


Options are :

  • restart Vontu Monitor Controller service
  • update the software license file
  • restart the Vontu Monitor service
  • log in as Sys Admin/Server Administrator role

Answer : update the software license file

ST0-135 Symantec Network Access Control 12 Technical Exam Set 1

A divisional executive requests a report of all incidents generated by a particular region, summarized by department. What must be populated to generate this report?


Options are :

  • custom attributes
  • remediation attributes
  • status groups
  • sender correlations

Answer : status groups

A DLP administrator is creating a role that contains an incident access condition that restricts users from viewing specific incidents. Which two conditions can the administrator specify when creating the incident access condition in a role? (Select two.)

A. file type

B. custom attribute

C. recipient

D. file size

E. policy group


Options are :

  • B,A
  • A,B
  • B,E
  • C,D
  • D,C

Answer : B,E

Which traffic type is excluded from analysis when an administrator uses Network Monitor?


Options are :

  • Yahoo! Instant Messenger
  • Telnet
  • Skye
  • NNTP

Answer : Skye

ST0-10X Veritas Storage Foundation 5 for Unix Practice Exam Set 4

You have replaced disks on a system under the VxVM control and you get an error VxVM vx config restore ERROR V-5-1-6012 There are two backups that have the same disk group name with different disk group id". How will you resolve this error?


Options are :

  • Delete the backup file, in dginfo, /etc/vx/cbr/bk/diskgroup. dgid/ dgid.dginfo.
  • Specify the disk group by its ID rather than by its name.
  • Rename one of the disk groups.
  • Specify the disk group by its name rather than by its ID.

Answer : Specify the disk group by its ID rather than by its name.

While performing a disk group joins operation, you get an error "VxVM vxdg ERROR V-5-1-2866 object: Record already exists in disk group." You want to resolve this error. How should you resolve this error?


Options are :

  • Change the object name in the disk group.
  • Delete the disk group and recreate it with another name.
  • Import a disk group and rename it.
  • Change the object name to same as disk group.

Answer : Change the object name in the disk group.

How should an administrator determine which Database version is running?


Options are :

  • Run the command select database version from database;
  • Look in add/remove programs for the database program
  • Run the command select * from v$version;
  • Right click on database folder and select version

Answer : Run the command select * from v$version;

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 5

When attempting to log in as administrator to the UI, the administrator receives a login error: Invalid Username/Password or Disabled Account The DBA verifies the account is enabled. The information provided for the environment only includes the DLP protect database username and password as well as a username and password called Sys Admin\Admin. How should the administrator change the built-in 'Administrator' password?


Options are :

  • update the PasswordEnforcement.properties file with a new administrator password
  • log in to the Enforce UI as the Sys Admin account and go to System > Login Management > DLP Users and reset the administrator password
  • use the AdminPasswordReset utility to update the password
  • extract the administrator password from the DatabasePassword.properties file

Answer : use the AdminPasswordReset utility to update the password

Which two fallback options are available for a 'Network Prevent: Remove HTTP/HTTPS' content response rule when a web-based message contains confidential data? (Select two.)

A. Redirect the content to an alternative destination

B. Block the content from being posted

C. Encrypt the content before posting

D. Remove the content through FlexResponse

E. Allow the content to be posted


Options are :

  • A,B
  • E,D
  • D,C
  • B,E
  • B,A

Answer : B,E

An administrator is checking System Overview and all of the detection servers are showing as 'unknown'. The Vontu services are up and running on the detection servers. Thousands of .IDC files are building up in the Incidents directory on the detection servers. There is good network connectivity between the detection servers and the Enforce server when testing with the telnet command. How can the administrator bring the detection servers to a running state in the Enforce UI?


Options are :

  • Ensure port 8300 is configured as open on the firewall
  • Delete all of the .BAD files in the incidents folder on the Enforce server
  • Restart the Vontu Monitor Service on all of the detection servers affected
  • Ensure the Vontu Monitor Controller service is running on the Enforce server

Answer : Ensure the Vontu Monitor Controller service is running on the Enforce server

ST0-135 Symantec Network Access Controls Technical Exam Set 4

The chief information security officer (CISO) is responsible for overall risk reduction and develops high-level initiatives to respond to security risk trends. Which report will be useful to the CISO?


Options are :

  • all dismissed incidents violating a specific policy marked as false positive
  • all high severity incidents that have occurred during the last week
  • all incidents from the previous month summarized by business units and policy
  • all new incidents that have been generated by a specific business unit during the last week

Answer : all dismissed incidents violating a specific policy marked as false positive

You execute the vxtrace command without any option to collect I/O trace data on all virtual disk drives during peak I/O operations. When you start to analyze the data, you notice that vx trace displays a record indicating records are lost. You want to reduce the likelihood of the kernel discarding records so that you don't have to rerun vxtrace to capture the records. What should you do?


Options are :

  • Wait until I/O operations have decreased
  • Print vx trace event records to a file
  • Increase the kernel buffer using the o option
  • Increase the kernel buffer

Answer : Increase the kernel buffer

Which two pieces of system information are collected by Symantec Data Loss Prevention Supportability Telemetry? (Select two.)

A. Currently installed version of the Enforce Server

B. Number of policies currently deployed

C. Cumulative statistics regarding network traffic

D. File types for which there are incidents

E. Number of system alerts generated daily


Options are :

  • A,D
  • A.B
  • B,C
  • C,E
  • E,B

Answer : A,D

ST0-135 Symantec Network Access Controls Technical Exam Set 5

A DLP administrator needs to configure an Automated Response rule that can execute while endusers are off the corporate network. Which response rule condition will enable the administrator to accomplish this task?


Options are :

  • Endpoint Device
  • Sender/User Matches Pattern
  • Protocol or Endpoint Destination
  • Endpoint Location

Answer : Endpoint Location

Which command will you use to display all the disk groups that are currently imported on the system?


Options are :

  • vxdg import
  • vdisk dglist
  • vxvm -dg list
  • vxdg list

Answer : vxdg list

You want to remove the disk named datadg01 from the disk group named datadg. You also want to remove the public and private regions from the disk. However, you want to retain the data stored on the disk. Which commands will you use to achieve this?


Options are :

  • vxdg rmdisk vxevac vxdiskunsetup
  • vxdiskunsetup vxdg rmdisk vxevac
  • vxremove vxdg evac vxdisk rmdisk
  • vxevac vxdg rmdisk vxdiskunsetup

Answer : vxdg rmdisk vxevac vxdiskunsetup

250-352 Administration of Storage Foundation Practice Exam Set 7

You work in a Server Operations Center (SOC) with other administrators monitoring VxVM background tasks after you initiate them. You need to set up a VxVM task so that these SOC administrators can track your background tasks against the change control documentation. What would you do address this requirement?


Options are :

  • Use the vxtask tag command to associate the task id with the change control number.
  • Use the "-n" flag to associate the task with the change control number.
  • Use the "-t" flag to mark the task with the change control number.
  • Use the vxtask label command to mark the task with the change control number.

Answer : Use the "-t" flag to mark the task with the change control number.

Which structure records are stored in the private region? (Each correct answer presents part of the solution. Select three.)

A. Disk group configuration

B. Disk and disk group ID

C. File system metadata

D. Disk group kernel log

E. Partition tables


Options are :

  • D,E,C
  • B,C,A
  • A.B.D
  • D,E,B
  • C,D,A

Answer : A.B.D

Which DLP Agent task is unique to the Symantec Management Platform and is unavailable through the Enforce console?


Options are :

  • Restart agent
  • Change Endpoint server
  • Pull agent logs
  • Toggle print screen

Answer : Toggle print screen

ST0-135 Symantec Network Access Control 12.1 Technical Asses Set 8

You are performing a move operation under VxVM control. You cannot find the disk involved in a disk group. In addition, you get the following error message: "VxVM vxconfigd ERROR V-5-1-4551 dg_move_recover: can't locate disk(s), giving up" How should you resolve this error?


Options are :

  • Use vxdisk command to import a disk group.
  • Use vxconfigd command to import a disk group.
  • Use vxassist command to clean the disk group to be imported.
  • Use vxdg command to clean the disk group to be imported.

Answer : Use vxdg command to clean the disk group to be imported.

A DLP administrator needs to decide if using Symantec Management Console (SMC) will provide additional functionality over the built-in Agent Actions that can be performed via Agents > Overview > Summary Reports. What are two of the Agent Actions that can be performed with SMC that are unable to be used with the built-in Agent Actions? (Select two.)

A. Set Under Investigation

B. Get Agent Configuration

C. Toggle Print Screen

D. Set Log Level

E. Gather Endpoint detection server logs



Options are :

  • E,C
  • D,E
  • C,A
  • A,B
  • B,C

Answer : B,C

How does the DLP Agent prevent slow response time?



Options are :

  • Endpoint Discover pauses any scans if resources are needed.
  • Endpoint Prevent queues files until resources are available.
  • Endpoint Discover queues files until resources are available.
  • Endpoint Prevent pauses detection until any scans complete.

Answer : Endpoint Discover pauses any scans if resources are needed.

ST0-237 Symantec Loss Prevention Technical Assessment Exam Set 11

Consider a situation where you run the vxdmpadm start restore command and encounter an error message VxVM vxdmpadm ERROR V-5-1-3243 The VxVM restore daemon is already running" How will you solve this error?


Options are :

  • Stop vxdmpadm and reboot the system.
  • Stop vxdmpadm and start vxdarestore.
  • Restart the all the VxVM daemons.
  • Stop vxdmpadm and restart vxdmpadm.

Answer : Stop vxdmpadm and restart vxdmpadm.

An incident responder is viewing a discover incident snapshot and needs to determine which information to provide to the next level responder. Which information would be most useful in assisting the next level responder with data clean-up?


Options are :

  • Incident Details: Message Body content
  • Access Information: File Permissions
  • Incident Details: File Owner metadata
  • Custom Attributes: Most Active User from Data Insight

Answer : Custom Attributes: Most Active User from Data Insight

How is data moved to the servers at Symantec when auto-transmission of Supportability Telemetry data is enabled?


Options are :

  • HTTP POST to Symantec from Enforce
  • HTTPS POST to Symantec from Agents
  • HTTP POST to Symantec from Agents
  • HTTPS POST to Symantec from Enforce

Answer : HTTPS POST to Symantec from Enforce

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Exam Set 10

An organization needs to implement a solution that will protect its sensitive information while allowing its mobile device users to access sites and applications such as Facebook, Dropbox, and Twitter. Which Symantec Data Loss Prevention solution should the organization use to protect its information?


Options are :

  • Network Prevent
  • Mobile Email Monitor
  • Endpoint Prevent
  • Mobile Prevent

Answer : Mobile Prevent

Which file is required to decrypt the edpa_ext0.log using the Endpoint Agent logdump utility?


Options are :

  • cg.ead
  • is.ead
  • dcs.ead
  • ks.ead

Answer : ks.ead

What should an incident responder select to remediate multiple incidents simultaneously?


Options are :

  • Automated Response on the Incident Snapshot page
  • Smart Response on the Incident Snapshot page
  • Smart Response on an Incident List report
  • Automated Response on an Incident List report

Answer : Smart Response on an Incident List report

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 3

Which function does the Email Prevent server provide when integrating into an existing email environment?


Options are :

  • processes and inspects outbound SMTP messages until the email transaction has been closed
  • integrates with a Mail Transfer Agent (MTA) to inspect SMTP email messages
  • maintains each inbound SMTP message transaction until the outbound is inspected
  • inspects, stores, and blocks confidential emails as a Mail Transfer Agent (MTA)

Answer : integrates with a Mail Transfer Agent (MTA) to inspect SMTP email messages

A user is unable to log in as sysadmin. The Data Loss Prevention system is configured to use Active Directory authentication. The user is a member of two roles: sysadmin and remediator. How should the user log in to the user interface in the sysadmin role?


Options are :

Answer : sysadmin\username

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions