This page was exported from Braindump2go Free Latest Microsoft Hot Exam Dumps In PDF & VCE Free Download [ https://www.symantecdumps.com ]
Export date: Thu Mar 28 10:37:40 2024 / +0000 GMT
___________________________________________________
Title: Official 2014 Symantec ST0-085 Dump Free Download(41-50)!
---------------------------------------------------

QUESTION 41
Which statement is true about rules in a Symantec Security Information Manager solution?

A.    Rules can be created that escalate events to incidents, based on policies defined on each asset.
B.    The Rules Editor can create policies on each asset to determine what rules are executed when an event occurs.
C.    Rules can be configured on each asset that will launch a vulnerability scan when a specific type of event occurs.
D.    The Rules tab can be used on the console to automatically identify available ports on an asset.

Answer: A

QUESTION 42
Which two ratings does the Information Manager Assets Table use to quantify the importance of the device and help determine how to escalate security incidents related to that device? (Select two.)

A.    Confidentiality
B.    Criticality
C.    Severity
D.    Priority
E.    Integrity

Answer: AE

"Pass Any Exam. Any Time." - www.actualtests.com

QUESTION 43
What are two ways the Assets Table can reduce the reporting of false positive security incidents using built-in functionality? (Select two.)

A.    assigns proper CIA values to each asset in the table
B.    schedules daily updates of vulnerability information from Symantec's LiveUpdate service
C.    populates the Policies tab with policies that apply to each asset
D.    uses a supported vulnerability scanner to help prioritize incidents
E.    configures normalization of event data captured by the collectors

Answer: CD

QUESTION 44
How can you determine which ports are potentially vulnerable on a given host in the Assets Table?

A.    by running the NetScan user action on the asset
B.    by looking at the Services tab on the asset
C.    by viewing the Details tab for the asset
D.    by running the Host Information report on the asset

Answer: B

QUESTION 45
What information is reported by the Nessus scanner when it scans a range of network addresses?

A.    configuration data of discovered devices
B.    vulnerabilities of discovered network devices
C.    patch levels installed on discovered devices
D.    the SANS risk level of each discovered device

Answer: B

QUESTION 46
Which service provides Symantec Security Information Manager with updated intelligence about threats?

A.    Symantec Security Information Manager
B.    DeepSight Global Intelligence Network
C.    Symantec Enterprise Security Manager
D.    Symantec Endpoint Protection

Answer: B

QUESTION 47
What does the Correlation Engine do once custom rules are properly defined?

A.    Correlates events against the rule criteria, analyzes conclusions and creates impending incidents.
B.    Analyzes events against the rule criteria, correlates with existing conclusions and creates the impending incident.
C.    Analyzes events against the rule criteria, creates conclusions and correlates conclusions into incidents.
D.    Applies individual rules to events, analyzes conclusions and correlates events into incidents.

Answer: A

QUESTION 48
From the Information Manager Console, which procedure allows a Symantec Security Information Manager (SSIM) to forward events to another SSIM appliance?

A.    System tab --> Appliance Configuration tab --> create new Forward event --> input IP address of remote appliance --> define Event Criteria
B.    System tab --> Event Configuration tab --> create new Forward event --> input IP address of remote appliance --> define Event Criteria
C.    Appliance Configuration tab --> Event Configuration tab --> create new Forward event --> input IP address of remote appliance --> define Incident Criteria
D.    System tab --> Maintenance tab --> create new Forward event --> input IP address of remote appliance --> define Incident Criteria

Answer: A

QUESTION 49
Which task does Symantec Security Information Manager perform relating to Incident Management?

A.    Creates a vulnerability category.
B.    Performs remediation on the attack.
C.    Projects and documents future attacks.
D.    Reports incidents to the SANS Internet Storm Center.
E.    Assigns incidents to a team member.

Answer: E

QUESTION 50
When multiple incidents involving the same issue are merged, what does Information Manager do?

A.    saves the original incidents and creates a new incident
B.    closes the original incidents and creates a new incident
C.    deletes the original incidents and creates a new incident
D.    reports the original incidents to the SANS Internet Storm Center, closes the incidents and creates a new incident

Answer: B

If you want to pass the Symantec ST0-085 Exam successfully, we recommend reading the latest Symantec ST0-085 Dump full version.
---------------------------------------------------
Post date: 2014-04-22 08:25:30
Post date GMT: 2014-04-22 08:25:30
Post modified date: 2014-04-22 08:25:32
Post modified date GMT: 2014-04-22 08:25:32