ST0-134 Online Practice Questions and Answers

A financial company enforces a security policy that prevents banking system workstations from connecting to the Internet. Which Symantec Endpoint Protection technology is ineffective on this company's workstations?

A. Insight

B. Intrusion Prevention

C. Network Threat Protection

D. Browser Intrusion Prevention

Which ports on the company firewall must an administrator open to avoid problems when connecting to Symantec Public LiveUpdate servers?

A. 25, 80, and 2967

B. 2967, 8014, and 8443

C. 21, 443, and 2967

D. 21, 80, and 443

A Symantec Endpoint Protection administrator needs to comply with a service level agreement stipulating that all definitions must be internally quality assurance tested before being deployed to customers. Which step should the administrator take?

A. install a LiveUpdate Administrator Server

B. install a Shared Insight Cache Server

C. install a Group Update Provider (GUP) to the existing site

D. install a Symantec Protection Center

A large oil company has a small exploration department that is remotely located and rarely has internet connectivity. Which client type would allow the exploration department to configure their own security policies?

A. Mixed-mode client

B. User-mode client

C. Managed client

D. Unmanaged client

Which two actions can a user take during an in-progress scheduled scan? (Select two.)

A. disable

B. stop

C. pause

D. skip

E. reschedule

An administrator wants to make sure users are warned when they decide to download potentially malicious files. Which option should the administrator configure?

A. the Notifications tab under the admin-defined scan settings

B. the Notifications tab under Auto-Protect settings

C. the Network Protection Security event notification in location-specific settings

D. the Notifications tab under Download Insight settings

A company organizes its clients into two groups the Symantec Endpoint Protection Manager (SEPM) group with all the SEPMs and a Desktops group with all other systems. An Application and Device Control policy is used with the "Block modifications to hosts file" rule set enabled. This policy is applied to all groups in the company. How can an administrator modify the hosts file on the SEPM systems, while minimizing risks posed to the company?

A. Withdraw the policy from all clients, modify the hosts files, and reassign the policy.

B. Withdraw the policy from the SEPM group, modify the hosts files, and reassign the policy.

C. Modify the hosts file using an operating system-based system account.

D. Temporarily disable Network Threat Protection on each client when modifying the hosts file.

An administrator is testing a new Application and Device Control policy. One of the rule sets being tested blocks the notepad.exe application from running. After pushing the policy to a test client, the administrator finds that notepad.exe is still able to run. The administrator verifies that the rule set is enabled in the Application and Device Control policy. Which two may be preventing the policy from performing the application blocking? (Select two.)

A. An Application exception has been configured in the Exceptions policy.

B. System Lockdown has been configured for the client.

C. Network Threat Protection needs to be installed on the client.

D. The rule set is in the "Test (log only)" mode.

E. A rule set with conflicting rules exists higher up in the policy.

Which two criteria can be used to determine hosts in a host group? (Select two.)

A. DNS domain

B. Subnet

C. Gateway address

D. WINS server

E. DHCP server

A user is downloading a file from https//www.example.com to the local system. The user is able to download and save that file even though it is a known malicious application. Why is the user able to download the application?

A. A SONAR exception is in place.

B. An Application Control exception for the file is in place.

C. A Trusted Web Domain exception is in place.

D. Download Insight exceptions are disabled.