Free Cheat-test Samples and Demo Questions Download
Adobe exams Adobe
Apple exams Apple
Avaya exams Avaya
Check Point exams Check Point
Cisco exams Cisco
Citrix exams Citrix
CIW exams CIW
CompTIA exams CompTIA
EC-Council exams EC-Council
EMC exams EMC
Exin exams Exin
Fortinet exams Fortinet
Hitachi exams Hitachi
HP exams HP
IBM exams IBM
Isaca exams Isaca
ISC exams ISC
Juniper exams Juniper
LPI exams LPI
McAfee exams McAfee
Microsoft exams Microsoft
Oracle exams Oracle
PMI exams PMI
Riverbed exams Riverbed
SNIA exams SAP
Sun exams SAS
Symantec exams Symantec
VMware exams VMware
All certification exams

Symantec ST0-025 Exam -

Free ST0-025 Sample Questions:

Q: 1
Which three ratings does the Information Manager Assets Table use to quantify the importance of the device and help determine how to escalate security incidents related to that device? (Choose three.)
A. Confidentiality
B. Criticality
C. Availability
D. Priority
E. Integrity
Answer: A,C,E

Q: 2
On the Symantec Security Information Manager Conditions tab, which two conditions need to be met for a rule to be triggered? (Choose two.)
A. Incident Type
B. Event Criteria
C. Rule Type
D. Device Effected
E. Applicable Licenses
Answer: B,C

Q: 3
Once all rules are properly defined, the Correlation Engine can analyze events against _____.
A. the rule criteria, create triggers, and correlate conclusions into incidents
B. false positives, create conclusions, and correlate conclusions into incidents
C. the rule criteria, create conclusions, and correlate conclusions into incidents
D. the rule criteria, create conclusions, and send conclusions to the database
Answer: C

Q: 4
When multiple incidents involving the same issue are merged, what does Information Manager do?
A. saves the original incidents and creates a new incident
B. closes the original incidents and creates a new incident
C. deletes the original incidents and creates a new incident
D. reports the original incidents to the SANS Internet Storm Center, closes the incidents and creates a new incident
Answer: B

Q: 5
For which three does Symantec Security Information Manager automatically create values when you manually create a new incident? (Choose three.)
A. Event Creator
B. Incident Creator
C. Incident ID number
D. Rule Name
E. Event ID number
Answer: B,C,D

Q: 6
Which statement is true about rules in a Symantec Security Information Manager solution?
A. Rules can be created that escalate events to incidents, based on policies defined on each asset.
B. The Rules Editor can create policies on each asset to determine what rules are executed when an event occurs.
C. Rules can be configured on each asset that will launch a vulnerability scan when a specific type of event occurs.
D. The Rules tab can be used on the console to automatically identify available ports on an asset.
Answer: A

Q: 7
What information is reported by the Nessus scanner when it scans a range of network addresses? (Choose two.)
A. all devices found on the networks scanned
B. Vulnerabilities of discovered network devices
C. patch levels installed on discovered devices
D. the SANS risk level of each discovered device
Answer: A,B

Q: 8
The Symantec Security Information Manager (SSIM) _____ runs on Symantec products that send events to the SSIM server component.
A. collector
B. on-box collector
C. off-box collector
D. agent
Answer: D

Q: 9
When configuring the Event Archive settings of an Information Manager appliance, which three options can be configured? (Choose three.)
A. Auxiliary Storage Device
B. Max Archive Quota
C. Free Space Quota
D. Purge Start Time
E. Purge After
Answer: B,C,E

Q: 10
Which two search templates are pre-defined by Information Manager? (Choose two.)
A. Host Activity
B. Internal Activity
C. IDS Activity
D. Firewall Activity
E. Port Activity
Answer: A,E

© 2014, All Rights Reserved