ST0-095 Symantec Technical Foundations Security Exam Set 3

How does a workflow solution work with collaborative applications?


Options are :

  • It helps monitor system utilization between applications
  • It helps monitor configuration changes between applications.
  • It streamlines tasks and applies configuration changes to each application
  • It streamlines tasks and connects independent business applications (Correct)

Answer : It streamlines tasks and connects independent business applications

What are the benefits of security information and event management?


Options are :

  • identifying and tracking critical assets and information
  • preventing well-meaning insiders from accessing critical data
  • automatically implementing changes to the IT security policy
  • quickly identifying security breaches and reducing vulnerabilities (Correct)

Answer : quickly identifying security breaches and reducing vulnerabilities

Which information from a customer helps to uncover a need for Symantec Data Loss Prevention?


Options are :

  • how employees back up data on their laptops and cell phones (Correct)
  • where confidential data is stored and how it is being used and managed
  • the types of servers in the data center
  • how servers with data are deployed and patched

Answer : how employees back up data on their laptops and cell phones

A customer is experiencing image-based spam and phishing attacks that are negatively impacting messaging flow. Which Symantec solution should be recommended to this customer?


Options are :

  • Network Access Control
  • Backup Exec System Recovery
  • Brightmail Gateway (Correct)
  • Endpoint Protection

Answer : Brightmail Gateway

What is an example of fan-out remediation involving information protection incidents?


Options are :

  • First incident levels are baselined, then monitored, and then blocked
  • Incidents go to a desktop security team, and then to the CISO
  • Incidents go to an escalation team and then to a core incident response team.
  • Incidents go to a core incident response team and then to an escalation team. (Correct)

Answer : Incidents go to a core incident response team and then to an escalation team.

Which two pieces of information from a customer help to uncover a need for the Altiris IT Management Suite? (Select two.)


Options are :

  • whether the customer's current spam solution uses global reputation analysis
  • whether the customer allows users to connect to their network via VPN
  • whether the customer needs to prioritize and quickly deploy patches (Correct)
  • whether the customer is archiving their emails and files
  • whether the customer is planning to migrate to Windows 7 (Correct)

Answer : whether the customer needs to prioritize and quickly deploy patches; whether the customer is planning to migrate to Windows 7

What is the goal of a denial of service attack?


Options are :

  • to capture files from a remote system
  • to exploit a weakness in the TCP/IP stack (Correct)
  • to execute a trojan using the hidden shares
  • to incapacitate a system or network

Answer : to exploit a weakness in the TCP/IP stack

An organization would like to implement a solution that will correlate and analyze security log data to help them identify threats. Which strategy is appropriate for this organization?


Options are :

  • managed security services
  • compliance and policy management
  • security information and events management (Correct)
  • endpoint protection

Answer : security information and events management

Which trend did Art Gilliland discuss in the Security Solutions 1.0 course as a primary driver for the security vision of Symantec?


Options are :

  • outsourcing of security services
  • complexity of the infrastructure (Correct)
  • plug-and-play security appliances
  • increase in global terrorism

Answer : complexity of the infrastructure

How can a security professional within an organization become viewed as a business partner to an executive?


Options are :

  • by speaking to security roles and processes
  • by articulating risk in terms of financial value (Correct)
  • by speaking to the fundamentals of security
  • by ensuring that compliance is the top priority

Answer : by articulating risk in terms of financial value

What is global reputation analysis ineffective against?


Options are :

  • zombie-based spam attacks
  • small targeted spam attacks (Correct)
  • spam attacks from known senders
  • identifying reliable senders

Answer : small targeted spam attacks

What drives consultative conversations and establishes credibility with an organization?


Options are :

  • providing regulatory information
  • providing industry insight (Correct)
  • establishing technical controls
  • establishing a security policy

Answer : providing industry insight

Why are organizations currently more interested in complying with government or industry regulations specific to their business, according to the Security Solutions 1.0 course?


Options are :

  • Severe penalties are being enforced. (Correct)
  • Businesses are experiencing more turnover.
  • Industrial espionage is on the rise.
  • Mandatory monthly audits are required.

Answer : Severe penalties are being enforced.

Which two questions are appropriate to ask a customer in order to uncover a need for Symantec Control Compliance Suite? (Select two.)


Options are :

  • Have you recently gone through a merger or acquisition, requiring new entitlements and controls? (Correct)
  • Is your operations team struggling to keep on top of IT audit-related tasks? (Correct)
  • Are you meeting your required backup windows?
  • Do you need to archive email for legal discovery purposes?
  • Do you need to ensure critical servers are deployed by authorized personnel?

Answer : Have you recently gone through a merger or acquisition, requiring new entitlements and controls?; Is your operations team struggling to keep on top of IT audit-related tasks?

An organization has a requirement to ensure they are meeting industry best practices for securing their IT environment. Which strategy is appropriate for this organization?


Options are :

  • security information management
  • asset protection
  • compliance assessment (Correct)
  • data protection

Answer : compliance assessment

Which information does an organization need to analyze in order to apply a risk-based approach to their security and compliance practices, according to the Security Solutions 1.0 course?


Options are :

  • which employees have remote access
  • which data is being backed up
  • which hardware is most costly to replace
  • which servers contain critical data (Correct)

Answer : which servers contain critical data

What is the primary benefit of hard drive encryption?


Options are :

  • provides non-repudiation for the transmission of data through email (Correct)
  • allows confidential data to be shared in a secure fashion
  • blocks the user from sharing information with outside parties
  • prevents exposure of confidential data if a system is lost or stolen

Answer : provides non-repudiation for the transmission of data through email

What is a critical success factor when implementing workflow software?


Options are :

  • It should work well with web security software
  • It should work well with network access controls.
  • It should work well with bug tracking infrastructure.
  • It should work well with application integration software. (Correct)

Answer : It should work well with application integration software.

What is a mandate, as defined in the Security Solutions 1.0 course?


Options are :

  • a way to measure if policy objectives are met
  • a document that details specific corporate objectives
  • an internal or external set of requirements (Correct)
  • industry-accepted best practices

Answer : an internal or external set of requirements

Last year a company had an incident where several notebooks belonging to executives were stolen from their cars. These notebooks could have contained information that, if put into the wrong hands, would have presented a large risk. Which two solutions can reduce the risk associated with this scenario? (Select two.)


Options are :

  • Endpoint Protection
  • Critical System Protection
  • Endpoint Encryption (Correct)
  • Data Loss Prevention (Correct)
  • Control Compliance Suite

Answer : Endpoint Encryption; Data Loss Prevention

What is an example of monitoring the usage of confidential data?


Options are :

  • checking firewall logs for access history
  • relocating a file located on a file server
  • blocking a file going to an external USB device
  • inspecting data being emailed out of an organization (Correct)

Answer : inspecting data being emailed out of an organization

Which endpoint protection strategy uses rulesets to block or allow network traffic going to or coming from the endpoint?


Options are :

  • host intrusion prevention
  • host-based firewall (Correct)
  • encryption firewall
  • botnet prevention

Answer : host-based firewall

What does patch management need to accurately target computers within an environment?


Options are :

  • a system management software package
  • an accurate software delivery mechanism
  • an endpoint management system
  • an accurate up-to-date inventory (Correct)

Answer : an accurate up-to-date inventory

Which Symantec solution can identify and block a malicious file from being downloaded in an HTTP session?


Options are :

  • Brightmail Gateway
  • Network Access Control
  • Critical System Protection
  • Web Gateway (Correct)

Answer : Web Gateway

Which endpoint protection strategy uses system-level control of applications, processes, and hardware devices to prevent inappropriate software from running on a system?


Options are :

  • host intrusion prevention (Correct)
  • network intrusion prevention
  • network access prevention
  • host-based malware prevention

Answer : host intrusion prevention

Which two pieces of information from a customer help to uncover a need for the Altiris IT Management Suite? (Select two.)


Options are :

  • whether the customer is archiving their emails and files
  • whether the customer needs to prioritize and quickly deploy patches (Correct)
  • whether the customer is planning to migrate to Windows 7 (Correct)
  • whether the customer allows users to connect to their network via VPN
  • whether the customer's current spam solution uses global reputation analysis

Answer : whether the customer needs to prioritize and quickly deploy patches; whether the customer is planning to migrate to Windows 7

A malicious insider was identified and recently terminated, and the organization wants to ensure that all company-owned hardware was returned by the employee. Which Symantec solution will help accomplish this?


Options are :

  • Data Loss Prevention
  • Critical System Protection
  • Altiris IT Management Suite (Correct)
  • Endpoint Encryption

Answer : Altiris IT Management Suite

Which Symantec solution can lock down a system and prevent software installation?


Options are :

  • Control Compliance Suite
  • Critical System Protection (Correct)
  • Data Loss Prevention
  • Network Access Control

Answer : Critical System Protection

What is the purpose of defining a technical standard?


Options are :

  • to implement the guidelines directed by management
  • to identify minimum system configuration requirements for assets (Correct)
  • to define roles and responsibilities within an organization
  • to create documented exceptions or waivers to a policy

Answer : to identify minimum system configuration requirements for assets

Which network protection strategy offers the strongest protection against outside threats?


Options are :

  • client server network
  • air-gapped network (Correct)
  • virtual private network
  • dedicated firewall network

Answer : air-gapped network
