ST0-237 Symantec Loss Prevention Technical Practice Exam Set 4

What is the default limit to the number of subdisks that can be attached to a single plex?


Options are :

  • 1024
  • 2048
  • 4096
  • Unlimited

Answer : 4096

ST0-248 Symantec Storage Foundation 6.1 UNIX Technical Exam Set 7

Which two components can perform a scan of a workstation? (Select two.)


Options are :

  • DLP Agent
  • Network Prevent
  • Enforce Server
  • Discover Server
  • Endpoint Server

Answer : DLP Agent Discover Server

Which incidents appear in the Network Incident List report when the Network Prevent Action filter is set to Modified?


Options are :

  • incidents in which digital rights were applied to SMTP email attachments containing confidential information
  • incidents in which confidential attachments were removed from an SMTP email
  • incidents in which an SMTP email was changed to include one or more SMTP headers
  • incidents in which confidential content was removed from the body of an SMTP email

Answer : incidents in which an SMTP email was changed to include one or more SMTP headers

Which is the correct installation sequence?


Options are :

  • Oracle > Enforce > Solution pack > detection server
  • Enforce > Oracle > Solution pack > detection server
  • Enforce > Oracle > detection server > Solution pack
  • Oracle > Enforce > detection server > Solution pack

Answer : Oracle > Enforce > Solution pack > detection server

ST0-248 Symantec Storage Foundation 6.1 UNIX Technical Exam Set 4

Which option describes the three-tier installation type for Symantec Data Loss Prevention?


Options are :

  • Install the Oracle database and the Enforce Server on the same computer, then install detection servers on separate computers.
  • Install the Oracle Client (SQL*Plus and Database Utilities) on three detection servers.
  • Install the database, the Enforce Server, and a detection server all on the same computer
  • Install the Oracle database, the Enforce Server, and a detection server on separate computers.

Answer : Install the Oracle Client (SQL*Plus and Database Utilities) on three detection servers.

A DLP administrator needs to have the Email Prevent Server return inspected emails to the same MTA from which it receives the message. In which mode should the Email Prevent server be configured?


Options are :

  • trial
  • mirror
  • reflect
  • forward

Answer : reflect

Which two operating systems are supported for Symantec Data Loss Prevention 12 servers? (Select two.)


Options are :

  • Windows 2008 R2 Enterprise Edition 64-bit
  • Windows 2008 Server 32-bit
  • Red Hat Linux 6 Enterprise 64-bit
  • Windows 2003 Enterprise Edition 64-bit
  • Red Hat Linux 5 Enterprise 64-bit

Answer : Windows 2008 R2 Enterprise Edition 64-bit Red Hat Linux 5 Enterprise 64-bit

ST0-91W Symantec NetBackup 7.0 for Windows Practice Exam Set 4

What is the correct traffic flow for the Symantec Data Loss Prevention for Mobile Prevent?


Options are :

  • mobile device (iOS) > VPN > Web proxy > Mobile Prevent Server > final destination
  • mobile device (iOS) > VPN > Mobile Prevent Server > Web proxy > Enforce Server > final destination
  • mobile device (iOS) > VPN > Web proxy > Mobile Prevent Server > Enforce Server > final destination
  • mobile device (iOS) > VPN > Mobile Prevent Server > Web proxy > final destination

Answer : mobile device (iOS) > VPN > Web proxy > Mobile Prevent Server > final destination

What is the most efficient method for designing filters to remove unwanted traffic?


Options are :

  • L7 filtering per protocol
  • policy-based exceptions
  • sampling per protocol
  • IP-based filtering per protocol

Answer : IP-based filtering per protocol

A DLP administrator is writing one policy to block sensitive data from being copied to removable media. The administrator is applying two response rules to the policy: 'Endpoint Prevent: Notify' and 'Endpoint Prevent: Block'. Why are some copies blocked while others are only notified?


Options are :

  • There are different conditions for the different response actions
  • The Directory Group Matching (DGM) profile has users in different groups
  • The DLP administrator needs to fine tune the throttling options
  • The monitor and ignore filters are defined incorrectly

Answer : There are different conditions for the different response actions

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Exam Set 2

Which product can replace a confidential document residing on a share with a marker file explaining why the document was removed?


Options are :

  • Network Discover
  • Endpoint Discover
  • Network Protect
  • Mobile Prevent

Answer : Network Protect

An administrator needs to remove an agent and its associated events from a specific Endpoint Server. Which Agent Task does the administrator need to perform to disable its visibility in the Enforce UI?


Options are :

  • Change Endpoint Server action from the Agent Overview page
  • Delete action from the Agent Summary page
  • Delete action from the Agent Health dashboard
  • Disable action from Symantec Management Console

Answer : Delete action from the Agent Summary page

You are not able to find a physical device corresponding to the disk ID in the disk media record when one of the subdisks associated with the plex fails. You need to check the plex state to solve the problem. What will be the status of the plex in this situation?


Options are :

  • DISCONNECTED
  • NODEVICE
  • UNENABLED
  • INACTIVE

Answer : NODEVICE

ST0-135 Symantec Network Access Technical Assesment Exam Set 2

A network administrator needs to be notified if someone attempts to tamper with or shut down the VPN connection on an iPad or iPhone. Which product should the administrator use to configure the notification alert?


Options are :

  • Mobile Prevent
  • Network Prevent
  • Mobile Email Monitor
  • Mobile Device Management

Answer : Mobile Device Management

Which option should be used to optimize the performance of a network share Discover scan?


Options are :

  • Ensure that the target file system is defragmented regularly
  • Disable antivirus scanning for network shares on the detection server
  • Use an incremental scan to only include previously unscanned items
  • Configure credential prefetching to reduce delay in authentication

Answer : Configure credential prefetching to reduce delay in authentication

An incident responder needs to change the status of an incident to 'Escalate and Notify'. Which two places in the user interface can this Smart Response rule be invoked? (Select two.)


Options are :

  • Incident Summary
  • Policy page
  • Response Rules page
  • Incident Snapshot
  • Incident List

Answer : Incident Snapshot Incident List

251-312 Administration of Symantec Backup Exec 12 for Exam Set 2

An administrator pulls the Services and Operation logs off of a DLP Agent by using the Pull Logs action. What happens to the log files after the administrator performs the Pull Logs action?


Options are :

  • they are temporarily stored on the DLP Agent's Endpoint server
  • they are created on the DLP Agent then pulled down to the Enforce server
  • they are stored directly on the Enforce server
  • they are transferred directly to the Enforce Server and deleted from the DLP Agent

Answer : they are temporarily stored on the DLP Agent's Endpoint server

An incident response team has determined that multiple incidents are resulting from the same user action of copying sensitive data to USB devices. Which action should the incident response team take to fix this issue so only one incident per action is detected?


Options are :

  • Combine multiple conditions into one compound rule
  • Change which 'Endpoint Destinations' are monitored
  • Create separate policies for the different detection methods
  • Change the monitor/ignore filters in the agent configuration

Answer : Combine multiple conditions into one compound rule

A policy template called Customer Credit Card Numbers is being imported into the system. What is the default result for this action?


Options are :

  • the policy template will be available after logging off and on to Enforce
  • the policy template will be listed under US Regulatory Enforcement Templates and be available
  • the policy template will be enabled by default
  • the policy template will be listed under Imported Templates

Answer : the policy template will be listed under Imported Templates

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Exam Set 3

An administrator is applying a newly created agent configuration to an Endpoint server. Upon inspection, the new configuration is unassigned in the Endpoint Server Details. What is a possible cause for the new configuration failing to be assigned?


Options are :

  • the new agent configuration was copied and modified from the default agent configuration
  • the system default settings were saved to the new agent configuration
  • the server that the new agent configuration was applied to needs to be recycled
  • the new agent configuration was saved without applying it to the Endpoint server

Answer : the new agent configuration was saved without applying it to the Endpoint server

How many free partitions do you need to encapsulate a boot disk?


Options are :

  • 3
  • 2
  • 4
  • 1

Answer : 2

Which response rule action will be ignored when using an Exact Data Matching (EDM) policy?


Options are :

  • All: Send Email Notification
  • Network Protect: Copy File
  • Endpoint Prevent: Notify
  • Network Prevent: Remove HTTP/HTTPS Content

Answer : Endpoint Prevent: Notify

ST0-247 Symantec Cluster Server 6.1 for UNIX Technical Test Set 3

An administrator implements a policy to block confidential data from being posted to Facebook. The policy generates incidents but allows the content to be posted. Which action should the administrator take to resolve this issue?


Options are :

  • Turn on default settings
  • Enable ICAP.Allowhosts
  • Enable Get Processing
  • Turn off Trial mode

Answer : Turn off Trial mode

Which user store is essential for using the user risk summary feature?


Options are :

  • Tomcat
  • Samba
  • Active Directory
  • MySQL

Answer : Active Directory

Which automated response action can be performed for data loss incidents caused by confidential data found on Windows shares?


Options are :

  • Notify User
  • User Cancel
  • Block Message
  • Quarantine File

Answer : Quarantine File

ST0-91W Symantec NetBackup 7.0 for Windows Practice Exam Set 4

While performing a VxVM operation, you discover that the disk group configuration has become corrupt. You want to check the changes in the VxVM configuration data and automatically record any configuration changes that occur. What would you do in this situation?


Options are :

  • Use the vxconfigbackupd daemon to monitors changes to the VxVM configuration.
  • Use vxdctl daemon to monitors changes to the VxVM configuration.
  • Use the vxconfigd daemon to monitor changes to the VxVM configuration.
  • Use the vxrelocd daemon to monitor monitors changes to the VxVM configuration.

Answer : Use the vxconfigbackupd daemon to monitors changes to the VxVM configuration.

Which action is available for use in Smart Response rules and Automated Response rules?


Options are :

  • block email message
  • modify SMTP message
  • post log to a syslog server
  • limit incident data retention

Answer : post log to a syslog server

Which server encrypts the message when using a Modify SMTP Message response rule?


Options are :

  • Enforce server
  • SMTP Prevent server
  • Encryption Gateway
  • Network Monitor server

Answer : Network Monitor server

ST0-135 Symantec Network Access Control 12 Technical Exam Set 4

Which interface provides single sign-on access for the purpose of administering Data Loss Prevention servers, managing policies, and remediating incidents?


Options are :

  • Symantec Protection Center
  • Symantec Information Manager
  • Symantec Data Insight
  • Symantec Messaging Gateway

Answer : Symantec Protection Center

A DLP administrator is attempting to use Encryption Insight to detect confidential information in encrypted files but has been unsuccessful. It is determined that the process was unable to retrieve the appropriate PGP key because the user key was using the incorrect encryption mode. What is the correct encryption mode that must be used by the user key?


Options are :

  • Server Key Mode
  • Client Server Key Mode
  • Guarded Key Mode
  • Client Key Mode

Answer : Server Key Mode

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions