250-502 Certification Exam

As a professional IT certification exams provider, Killtest has
released some new exams, such as 1Z0-547, 000-822, HP2-H23
and so on. Of course, we also have other exams that can make
sure you pass them easily. You can come to Killtest.com for
the details. What's more, we have an activity for Symantec
promotion, Killtest offer the biggest discount 15% OFF on all
Symantec exams. 20 Days Only (2012.07.25-08.13), the chance
is limit.

---

The safer , easier way to help you pass any IT exams.
Exam : 250-502
Title
: f i
r
e
wall & integrated security
appliances solutions
Version : DEMO
1 / 5

---

The safer , easier way to help you pass any IT exams.
1. What is another term commonly used for NAT?
A. IP spoofing
B. IP masquerading
C. IP address proxying
D. IP packet address translation
Answer: B
2. Which three can a proxy-based firewall do? (Choose three.)
A. hide addresses on the internal network
B. track each connection across all interfaces
C. inspect encrypted traffic at the application layer
D. allow for logging of events at the application layer
Answer: ABD
3. Your customer has configured their internal network to use the 64.124.0.0/16 network and is using NAT
to route to the Internet. They are complaining that the Symantec LiveUpdate service is not functioning
properly. How should you fix the problem?
A. Configure the NAT to use dynamic DNS.
B. Configure the NAT to route the 64.124.0.0/16 network to the Internet.
C. Reconfigure the internal network to use an accepted private network address.
D. Add a static route from the 64.124.0.0/16 network to the Symantec LiveUpdate servers.
Answer: C
4. How many host IP addresses can a network with a subnet mask of 255.255.255.192 support?
A. 62
B. 64
C. 126
D. 128
Answer: A
5. Which security technology supports encryption and encapsulation to ensure that data cannot be
compromised in transit?
A. PKI
B. VPN
C. RADIUS
D. Kerberos
Answer: B
6. Which two methods are used by VPN technology to ensure data confidentiality? (Choose two.)
2 / 5

---

The safer , easier way to help you pass any IT exams.
A. AES
B. MD5
C. SHA1
D. 3DES
Answer: AD
7. Which three addresses are non-routable on the public Internet? (Choose three.)
A. 10.45.35.234
B. 127.23.45.234
C. 172.14.35.45
D. 172.31.34.5
E. 234.12.23.134
Answer: ABD
8. Which three layers can a firewall use to process network traffic? (Choose three.)
A. network
B. physical
C. data link
D. transport
Answer: ACD
9. How do you ensure that Symantec Enterprise Firewall content filtering is based on a current list of
restricted topics or sites?
A. Use LiveUpdate to download ratings list.
B. Purchase a third-party ratings subscription.
C. Download ratings lists from the Symantec Web site.
D. Configure a referral to an external site and content blocking service.
Answer: A
10. Which three conditions must be met on each firewall when configuring a Symantec Enterprise Firewall
cluster? (Choose three.)
A. same OS version
B. same hardware platform
C. same external IP address
D. multimode fiber interfaces
E. same number of node licenses
Answer: ABE
11. Which three are shipped with Symantec Enterprise Firewall? (Choose three.)
3 / 5

---

The safer , easier way to help you pass any IT exams.
A. pre-configured IPSec/IKE policies
B. pre-configured IPSec/IPv4 policies
C. pre-configured IPSec/Static policies
D. a single Symantec Client VPN license
Answer: ACD
12. Which two methods can you use to limit Symantec Enterprise Firewall VPN tunnel traffic? (Choose
two.)
A. Pass traffic to proxies.
B. Modify the global IKE policy.
C. Create a filter and apply it to an interface.
D. Create a filter and apply it to the VPN policy.
Answer: AD
13. Which two Security Gateway Management Interface (SGMI) methods can you use to allow outbound
SMTP and HTTP traffic if you did not configure these traffic options at the time you installed the Symantec
Enterprise Firewall? (Choose two.)
A. Protocol Tab
B. Policy Wizard
C. System Setup Wizard
D. Rules tab in the Policy Window
Answer: BD
14. In which two formats are Symantec Enterprise Firewall reports available? (Choose two.)
A. XML
B. PDF
C. email
D. HTML
Answer: BD
15. Which three authentication methods does Symantec Enterprise Firewall support? (Choose three.)
A. RADIUS
B. iisProtect
C. TACACS+
D. Bellcore S/Key
Answer: ACD
16. Which three notification methods can be configured via the Security Gateway Management Interface
(SGMI)? (Choose three.)
4 / 5

---

The safer , easier way to help you pass any IT exams.
A. fax
B. SMS
C. pager
D. SNMP
E. client program
Answer: CDE
17. Which Symantec Enterprise Firewall task must you perform to ensure proper functioning of DNSd for
a security gateway facing the Internet?
A. Disable public zone files on the security gateway.
B. Configure a DNS forwarder to point to a root name server.
C. Configure the public recursion record on the security gateway.
D. Configure the DNS server search order to point to the Internet root servers.
E. Ensure network connectivity to the Internet root name servers on the security gateway.
Answer: E
18. Which option should you use to remove a node from a Symantec Enterprise Firewall cluster?
A. Kill Node
B. Delete Node
C. Modify Cluster
D. Configure Cluster
Answer: C
19. What is the Symantec Enterprise Firewall default port for UDP encapsulation data transfer?
A. 117
B. 418
C. 786
D. 1723
Answer: C
20. Which Symantec Enterprise Firewall wizard or tab is used to configure high availability?
A. HA/LB Wizard
B. Cluster Wizard
C. Performance tab
D. High Availability Status tab
Answer: B
5 / 5

---