1. Home
  2. Symantec
  3. ST0-134

Symantec EndPoint Protection 12.1 Technical Assessment

Exam Details

  • Exam Code
    :ST0-134
  • Exam Name
    :Symantec EndPoint Protection 12.1 Technical Assessment
  • Certification
    :Symantec Certified Security program
  • Vendor
    :Symantec
  • Total Questions
    :282 Q&As
  • Last Updated
    :Apr 29, 2025

Symantec Symantec Certified Security program ST0-134 Questions & Answers

  • Question 211:

    Which two options are available when configuring DNS change detected for SONAR? (Select two.)

    A. Block

    B. Active Response

    C. Quarantine

    D. Log

    E. Trace

  • Question 212:

    What does SONAR use to reduce false positives?

    A. Virus and Spyware definitions

    B. File Fingerprint list

    C. Symantec Insight

    D. Extended File Attributes (EFA) table

  • Question 213:

    Which two settings does an administrator enable to use the Risk Tracer feature in the Virus and Spyware Protection policy? (Select two.)

    A. Application and Device Control Policy

    B. Tamper Protection

    C. Firewall Policy

    D. IPS active response

    E. Application Learning

  • Question 214:

    What are two criteria that Symantec Insight uses to evaluate binary executables? (Select two.)

    A. sensitivity

    B. prevalence

    C. confidentiality

    D. content

    E. age

  • Question 215:

    An administrator needs to increase the access speed for client files that are stored on a file server. Which configuration should the administrator review to address the read speed from the server?

    A. enable Network Cache in the client's Virus and Spyware Protection policy

    B. add the applicable server to a trusted host group

    C. create a Firewall allow rule for the server's IP address

    D. enable download randomization in the client group's communication settings

  • Question 216:

    An administrator changes the Virus and Spyware Protection policy for a specific group that disables Auto-Protect. The administrator assigns the policy and the client systems applies the corresponding policy serial number. Upon visual inspection of a physical client system, the policy serial number is correct. However, Auto- Protect is still enabled on the client system. Which action should the administrator take to ensure that the desired setting is in place on the client?

    A. restart the client system

    B. run a command on the computer to Update Content

    C. enable the padlock next to the setting in the policy

    D. withdraw the Virus and Spyware Protection policy

  • Question 217:

    A Symantec Endpoint Protection (SEP) administrator receives multiple reports that machines are experiencing performance issues. The administrator discovers that the reports happen about the same time as the scheduled LiveUpdate. Which setting should the SEP administrator configure to minimize I/O when LiveUpdate occurs?

    A. Change the LiveUpdate schedule

    B. Change the Administrator-defined scan schedule

    C. Disable Allow user-defined scans to run when the scan author is logged off

    D. Disable Run an Active Scan when new definitions arrive

  • Question 218:

    An administrator is reviewing an Infected Clients Report and notices that a client repeatedly shows the same malware detection. Although the client remediates the files, the infection continues to display in the logs. Which two functions should be enabled to automate enhanced remediation of a detected threat and its related side effects? (Select two.)

    A. Risk Tracer

    B. Terminate Processes Automatically

    C. Early Launch Anti-Malware Driver

    D. Stop Service Automatically

    E. Stop and Reload AutoProtect

  • Question 219:

    An administrator configures the scan duration for a scheduled scan fails to complete in the specified time period. When will the next schedule scan occur on the computer?

    A. when the computer reboots

    B. when the user restarts the scan

    C. at the next scheduled scan period

    D. within the next hour

  • Question 220:

    Which action should an administrator take to prevent users from using Windows Security Center?

    A. set Disable antivirus alert within Windows Security Center to Disable

    B. set Disable antivirus alert within Windows Security Center to Never

    C. set Disable Windows Security Center to Disable

    D. set Disable Windows Security Center to Always

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Symantec exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your ST0-134 exam preparations and Symantec certification application, do not hesitate to visit our Vcedump.com to find your solutions here.