최신 ST0-134 무료덤프 - Symantec EndPoint Protection 12.1 Technical Assessment

문제1

What are two criteria that Symantec Insight uses to evaluate binary executables? (Select two.)

정답: A,B

문제2

A company is setting up a new environment with three Symantec Endpoint Protection Managers(SEPM) and wants to set one SEPM to act as the primary reporting server. Where in the SEPM should the administrator configure the priority reporting server to be used for running scheduled reports and notifications?

A. Server properties

B. Local Site properties

C. Local Host properties

D. Scheduled reports

정답: B

문제3

Refer to the exhibit.

A USB mouse is plugged in to a system that uses the device control displayed in the exhibit. What is the expected behavior?

A. The mouse is blocked until an administrator adds the device to the exception policy.

B. The mouse is blocked until the user adds the device as a local client exception.

C. The mouse will work as normal because the Human Interface Device exclusion takes precedence.

D. The mouse will work as normal because Mouse devices are missing from Blocked Devices.

정답: C

문제4

A user is unknowingly about to connect to a malicious website and download a known threat within a .rar file. All Symantec Endpoint Protection technologies are installed on the client's system. In which feature set order must the threat pass through to successfully infect the system?

A. Download Insight, Firewall, IPS

B. IPS, Firewall, Download Insight

C. Firewall, IPS, Download Insight

D. Download Insight, IPS, Firewall

정답: C

문제5

Which two sources can a Macintosh client use to download content? (Select two.)

A. Symantec LiveUpdate server

B. Group Update Provider (GUP)

C. Default Management server

D. Internal LiveUpdate server

E. Symantec Endpoint Protection Manager

정답: A,D

문제6

Which feature reduces the impact of Auto-Protect on a virtual client guest operating system?

A. Network Shared Insight Cache

B. Virtual Image Exception

C. Scan Randomization

D. Virtual Shared Insight Cache

정답: B

문제7

Which port is used by default for replication between sites?

A. 9090

B. 8443

C. 2967

D. 8014

정답: B

문제8

A company suffered catastrophic hardware failure on the Symantec Endpoint Protection Manager (SEPM). The administrator restores the hardware and the operating system with the required software (including SEPM). The administrator then runs the SEPM Database Back Up and Restore utility. What is the most important consideration?

A. Ensure that the SEPM service is set to Manual and Running.

B. Ensure that the Microsoft SQL services are disabled on the server.

C. Ensure that the SEPM service is set to Automatic and Stopped.

D. Ensure that the embedded database service is set to Disabled and Stopped.

정답: C

문제9

A Symantec Endpoint Protection (SEP) administrator performed a disaster recovery without a database backup. In which file should the SEP administrator add "scm.agent.groupcreation=true" to enable the automatic creation of client groups?

A. httpd.conf

B. catalina.out

C. conf.properties

D. settings.conf

정답: C

문제10

A company has a small number of systems in their Symantec Endpoint Protection Manager (SEPM) group with federal mandates that AntiVirus definitions undergo a two week testing period. After being loaded on the client, the tested virus definitions must remain unchanged on the client systems until the next set of virus definitions have completed testing. All other clients must remain operational on the most recent definition sets. An internal LiveUpdate Server has been considered as too expensive to be a solution for this company. What should be modified on the SEPM to meet this mandate?

A. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 1.

B. The LiveUpdate Content policy for this group should be modified to use a specific definition revision.

C. The SEPM site LiveUpdate settings should be modified so the Number of content revisions to keep is set to 14.

D. The LiveUpdate Settings policy for this group should be modified to use an Explicit Group Update Provider.

정답: B

문제11

An administrator is restoring a Microsoft SQL Symantec Endpoint Protection 12.1 database and installing a new Symantec Endpoint Protection Manager (SEPM). After completing the restore, the administrator notices that the clients are unable to connect to the SEPM. Which step did the administrator forget when performing the restore?

A. importing the previously backed up data

B. restoring the server certificate

C. restoring the client certificate

D. setting the SQL client folder

정답: B

문제12

Which component is required in order to run Symantec Endpoint Protection 12.1 protection technologies?

A. Symantec Protection Center

B. Symantec Endpoint Protection Manager

C. Symantec Endpoint Protection client

D. LiveUpdate Administrator server

정답: C

문제13

A company is building a new Symantec Endpoint Protection Manager (SEPM) and building email notifications that will go to the security team. Which two notification conditions should the team implement into the SEPM? (Select two.)

정답: A,D

문제14

A large enterprise plans to deploy Symantec Endpoint Protection 12.1 (SEP) on 36,000 virtual endpoints distributed across 1,800 VMware ESX servers in a single datacenter. A system administrator needs to optimize endpoint scanning performance by enabling Shared Insight Cache (SIC) server functionality. Which two configuration changes should the administrator make to minimize the number of SIC servers that need to be deployed? (Select two.)

A. Enable scanning randomization across all SEP endpoints.

B. Disable Insight lookups for threat detection on each virtual SEP endpoint.

C. Enable virtual image exceptions across all SEP endpoints.

D. Enable download randomization across all SEP endpoints.

E. Perform regular scans of all virtual systems with the offline image scanner.

정답: A,C

문제15

Where are directory servers added before importing Organizational Units (OU) or adding administrators to the Symantec Endpoint Protection Manager?

A. Server properties

B. Site properties

C. Import Server properties

D. localhost properties

정답: A

문제16

A company has a firewall policy with a rule that allows all applications on all ports. An administrator needs to modify the policy so that it allows Internet Explorer to communicate to any website, but only on port 80 and 443. In addition, the company only wants this modification to affect traffic from Internet Explorer. The administrator created a new rule at the top of the ruleset that allows Internet Explorer on port 80 and 443. Which step should the administrator take next?

A. Create a new rule above the Allow All Applications rule to block Internet Explorer.

B. Modify the Allow All Applications rule to exclude Internet Explorer.

C. Move the new rule below the Allow Applications rule.

D. Delete the Allow All Applications rule.

정답: A

문제17

According to Symantec best practices, which two tasks should be completed after creating file fingerprint lists, but prior to enabling System Lockdown? (Select two.)

A. Log unapproved applications.

B. Add any approved applications.

C. Move the Symantec Endpoint Protection Managers to a separate group.

D. Run the checksum.exe command on the clients.

E. Enable application learning.

정답: A,B

문제18

An administrator enabled virtual image exceptions for Auto-Protect and Administrator-Defined scans on virtual machines. In order to protect against previously undetected threats, the administrator must regularly scan the static instance of the virtual machine image set which includes the files that have been whitelisted. In addition to cleaning the static image set, which additional step must the administrator complete if threats are discovered?

A. Use the vietool to update the whitelist.

B. Select the threat in the log and add it as an exception.

C. Use the Symantec Offline Image Scanner (SOIS) on the static image.

D. Ensure that virtual client tagging is enabled.

정답: A

최신 ST0-134 무료덤프 - Symantec EndPoint Protection 12.1 Technical Assessment

우리와 연락하기

유용한 링크

최신 업데이트