Official 2014 Symantec ST0-085 Dump Free Download(121-130)!
QUESTION 121
When are the effective privileges of the SES Administrator role and Domain Administrator role equivalent?
A. when there is only one domain in the system
B. when the administrator is assigned the SES Administrator role “Pass Any Exam. Any Time.” – www.actualtests.com 50
Symantec ST0-085 Exam
C. when the system is newly installed and a domain has not yet been created
D. when the Domain Administrator role is given permission to create users and roles
Answer: A
QUESTION 122
Which two roles are able to modify permissions within the Symantec Security Information Manager solution?
A. SES Administrator
B. Root Administrator
C. System Administrator
D. Domain Administrator
Answer: AD
QUESTION 123
By default, event archives are stored for up to _____ days.
A. 10
B. 30
C. 60
D. 90
Answer: A
QUESTION 124
Which statement about the capabilities of the Event Archive Viewer is true?
A. Event details can be exported to tabular CSV format.
B. Based on a histogram, you can select a time period for viewing.
C. You can execute a ping on any device shown in the Event Viewer.
“Pass Any Exam. Any Time.” – www.actualtests.com 51
Symantec ST0-085 Exam
D. You can narrow the viewable time period to 5 minutes.
Answer: B
QUESTION 125
When configuring the Event Archive settings of an Information Manager appliance, which three options can be configured?
A. Auxiliary Storage Device
B. Max Archive Quota
C. Free Space Quota
D. Purge Start Time
E. Purge After
Answer: BCE
QUESTION 126
Which two are commonly used to view archived events?
A. Information Manager Event Viewer
B. Archive Management Console tab
C. Query Wizard
D. Incident Management Console tab
Answer: AC
QUESTION 127
Which three user actions can be executed by the Information Manager Event Viewer?
A. Finger
B. ping
C. trace route
“Pass Any Exam. Any Time.” – www.actualtests.com 52
Symantec ST0-085 Exam
D. nslookup
E. whois
Answer: ABC
QUESTION 128
Which two search templates are pre-defined by Information Manager?
A. Host Activity
B. Internal Activity
C. IDS Activity
D. Firewall Activity
E. Port Activity
Answer: AE
QUESTION 129
When querying archived event data, how can you make a query available to other users of the system?
A. save it in Published Queries
B. save it in Public Templates
C. grant Read Query permission to the domain
D. check the Shared option on the saved query
Answer: A
QUESTION 130
Which Symantec Security Information Manager feature provides a centralized list of the hosts and devices in a network that are subject to security event correlation?
A. Assets Table
“Pass Any Exam. Any Time.” – www.actualtests.com 53
Symantec ST0-085 Exam
B. Correlation Database
C. Host Table
D. Security Object Database
Answer: A
If you want to pass the Symantec ST0-085 Exam sucessfully, recommend to read latest SymantecST0-085 Dump full version.