Official 2014 Symantec ST0-085 Dump Free Download (181-190)!

QUESTION 181
“Pass Any Exam. Any Time.” – www.actualtests.com 2
Symantec ST0-085 Exam
What is the purpose of the critical business assets management feature?

A.    It enables automatic identification and prioritization of security threats that impact business-critical applications.
B.    It obtains an overview of business assets.
C.    It makes it possible to change collectors’ configurations to meet business assets needs.
D.    It provides a visual picture of where critical business assets are located.

Answer: D

QUESTION 182
Which of the following vendors' hardware is recommended for use with Symantec Security Information Manager (SSIM)?

A.    IBM
B.    NEC
C.    Dell
D.    Hitachi

Answer: C

QUESTION 183
What are the hard drive specifications for the hardware?

A.    6 drives (2 mirrored and 4 in RAID 5)
B.    6 drives (2 mirrored and 4 in RAID 10)
C.    6 drives (RAID 5)
D.    2 drives (mirrored)

Answer: A

QUESTION 184
Which third-party software components support LDAP for users, roles, and configurations?

A.    IBM Directory Server
B.    Microsoft Active Directory Server
C.    IBM DB2 8.1
D.    IBM DB2 8.2

Answer: A

QUESTION 185
Which of the listed operating systems does the hardware used for the Symantec Security Information Manager (SSIM) image support?

A.    SUSE
B.    CentOS
C.    Red Hat
D.    SE Linux

Answer: C

QUESTION 186
Symantec Security Information Manager Series Appliance installs which operating system by default?

A.    Solaris
B.    Windows
C.    SUSE
D.    Red Hat

Answer: D

QUESTION 187
What type of data that comes from DeepSight is mapped to vulnerability, exposure, malicious code, and safeguard mitigation strategies?

A.    normalized event signatures
B.    correlated incident activities
C.    relationships between events
D.    correlated event activities

Answer: A

QUESTION 188
Which option allows events to be ignored by the Correlation Rules and no longer be processed?

A.    Bypass Rules
B.    Conditions
C.    Criteria
D.    Event Filters

Answer: D

QUESTION 189
Which option in the Rules Monitors list allows for follow-up actions that are required to resolve the incident?

A.    Monitors list
B.    Actions
C.    Properties
D.    History

Answer: B

QUESTION 190
Which source is used by Symantec Security Information Manager to create incidents?

A.    SANS Internet Storm Center
B.    Assets Table
C.    analyst input
D.    Correlation Rules

Answer: D

If you want to pass the Symantec ST0-085 exam successfully, we recommend reading the full version of the latest Symantec ST0-085 dump.

         
