ST0-199 - Symantec Messaging Gateway 10.0 Technical Assessment
Go back to Symantec
An administrator works for a pharmaceutical company that distributes Drug X.A content filtering policy using the premium compliance "Prescription Drug Names" dictionary resource (which includes Drug X as a predefined phrase), blocks any email from the Marketing department containing the drug name. Marketing has indicated that this is unacceptable but wishes to continue to block the use of other words or phrases in that dictionary. How can the administrator adjust the resources used by the current content filtering policy to resolve the Marketing department issue?
disable Drug X from the "Prescription Drug Names" dictionary
Before performing a software update on a scanner-only appliance, which MTA operation/mode should be chosen if there are messages in the queues?
do not accept incoming messages
What is the default action taken during an email virus attack?
defer SMTP connection
Symantec Messaging Gateway 10.0 includes a policy-based encryption feature. How is this new feature licensed?
The license is included with Symantec Content Encryption.
Which URL must be accessed to successfully register a newly added Symantec Messaging Gateway 10.0 license file?
The Symantec Messaging Gateway 10.0 appliance will be deployed with the following topology: Internet Default Gateway (10.10.10.1) <--> Email Gateway (10.10.10.11) <- -> Symantec Messaging Gateway (10.10.10.21) <--> Internal Mail Server (10.10.10.31) Which IP address should be specified in the Mail Filtering - Non-local Mail Delivery page of the site setup wizard?
Which prerequisite must be met to take advantage of the Connection Classification and Fastpass features?
Symantec Messaging Gateway must be the first SMTP hop into the network.
Which two statistics can the administrator view regarding the custom anti-spam rulesets? (Select two.)
the "top-submitters" of missed spam or false positive detections
how many emails have been submitted for custom antispam rules
Which directory data source function must be enabled to help prevent a directory harvest attack?
Which two features of Symantec Messaging Gateway 10.0 can be implemented to address the need of Data Loss Prevention (DLP)? (Select two.)
setup content filtering rules using pre-defined content category dictionaries
setup connection to Symantec's DLP Enforce product
How could an administrator filter email more aggressively by adjusting the suspected spam score?
Lower the suspected spam score from the default to 60.
Which two functions of Symantec Messaging Gateway 10.0 can use information retrieved from a directory data source? (Select two.)
Which networking parameter can be configured during site setup wizard?
virtual IP address
Message throughput of a Symantec Messaging Gateway scanner-only appliance can be reduced by which two features? (Select two.)
When enabling Connection Classification, how many messages must be processed in learning mode before messages can be deferred?
What will trigger a spam policy by default in Symantec Messaging Gateway 10.0?
inserting the header X-Advertisement: spam into the message header
There is a firewall in place between Symantec Messaging Gateway 10.0 and the Internet at the customer site. An administrator needs to use an external NTP server on the Internet for time synchronization. Which port must be open on the firewall to allow this?
Which two can be used to verify that Symantec Messaging Gateway 10.0 is processing messages? (Select two,)
view the Message Audit log
view message headers
Which Symantec Messaging Gateway 10.0 feature is used to organize, monitor, and manage incidents?
Which feature places a sender's IP address in a penalty box for sending messages to multiple invalid email addresses?
Directory Harvest Attack
A diagnostics package for a scanner-only appliance can be generated from the GUI in Symantec Messaging Gateway 10.0. If the package is small (less than 5 MB), which transfer protocol type should be used by the administrator to verify the diagnostics package before providing it to technical support for analysis?
download to desktop
An administrator recently investigated the debug logs for Symantec Messaging Gateway 10.0 and resolved an issue. A few days later the administrator discovers that the disk storage is filling up quickly. What is the likely cause?
local log level is set to Debug
In addition to a configured seed, which other characteristic does Symantec Messaging Gateway 10.0 use to create a unique tag for Bounce Attack Prevention?
Which two options are valid for pre-configured actions for the language identification feature in Symantec Messaging Gateway 10.0? (Select two.)
do not receive mail in the following languages
only receive mail in the following languages
With Fastpass enabled, which two verdicts may be excluded for messages with a pass? (Select two.)
Where are options for backup and restore of Symantec Messaging Gateway 10.0 located?
Administration -> Version
What are two functions of the Control Center? (Select two.)
It provides message management services.
It hosts Spam Quarantine.
An employee reports that a message sent to a customer was rejected. The employee provides sufficient information for the administrator to find the message using the Message Audit log. The employee wants to know why that message was blocked. Which section of the Message Audit Log detail page would provide this information?
How does enabling and configuring sender authentication options in Symantec Messaging Gateway 10.0 help to protect against spam?
by protecting against messages with forged sender domains
An administrator tests the default antivirus policies by sending a message with an encrypted attachment. When the administrator checks the recipient inbox, what appears?
The test email appears with a modified subject line.
What is an advantage of Symantec Content Encryption over TLS encryption?
ensures secure end-to-end delivery of sensitive messages
Symantec Messaging Gateway 10.0 is running out of disk space due to storing extended logs. The administrator is required to store extended log data for more than a year. Which action should the administrator take?
configure remote logging
Which Directory Data Source function must be configured to enable end-user spam quarantine?
How should an administrator stop inbound mail using the command line interface (CLI)?
A company uses multiple control centers. What must be done to ensure legitimate NDRs are recognized by Bounce Attack Prevention across all scanners?
configure the same seed value on each control center
When should Connection Classification be enabled?
when deployed at the edge of the network
What is the function of a sender authentication scheme?
to verify that the sending MTA is authorized to send mail for a given domain
True file typing is a feature used to combat which behavior?
removing or disguising extensions to bypass virus scanning
Which Symantec Messaging Gateway 10.0 feature will change the original domain of an internal user relaying mail outside of an organization?
What must be done before using Spam Quarantine?
configure groups to have a policy to quarantine messages
What can administrators do in order to receive custom anti-spam rulesets?
enable the customer-specific rules feature and submit unwanted messages
Which type of information can be found on the Status dashboard of Symantec Messaging Gateway 10.0?
Inbound Email Message Summary
An administrator wants to ensure high performance and failover access between the LDAP servers and Symantec Messaging Gateway 10.0. Which configuration mode will help ensure this?
round robin DNS
Which TCP port is used for communication between the Control Center and the scanner(s)?
What is the recommended minimum hard-drive size for a virtual instance of Symantec Messaging Gateway 10.0?
Having received a targeted attack from a spoofed email domain, a company wants to take advantage of DKIM validation for inbound mail. The messaging administrator has enabled sender authentication and DKIM validation and now needs to configure a content filtering policy to quarantine any messages that fail. Which condition should be met for the content filtering policy to fire?
The message header contains "dkim=fail".
Which command is used to collect the configuration and log files from the command line interface (CLI)?
An organization has an extremely large LDAP database. What is done in Symantec Messaging Gateway 10.0 that will help prevent mail from backing up in the system during the initial directory building process?
preload the directory data cache
What is one effect of deploying a Symantec Messaging Gateway scanner between an Internet email gateway and the internal groupware mail server?
Symantec Messaging Gateway scanners might identify the IP address of the internal gateway MTA as a source of spam.
Which command line interface (CLI) command displays the update.log to check the progress of a software update of Symantec Messaging Gateway 10.0?