ST0-085 Symantec Security Information Manager Practice Exam Set 5

Symantec Security Information Manager ____ Series provides dynamic correlation and centralized management of large, distributed enterprise deployments.


Options are :

  • 9630
  • 9850
  • 9600
  • 9650

Answer : 9650

From the Information Manager Console, the _____ feature allows you to prioritize remediation efforts on critical network devices.


Options are :

  • assets
  • reports
  • rules
  • tickets

Answer : assets

Which database houses incidents and summary data?


Options are :

  • MySQL
  • IBM DB2
  • Oracle
  • MSSQL

Answer : IBM DB2

Once all rules are properly defined, the Correlation Engine can analyze events against _____.


Options are :

  • the rule criteria, create conclusions, and correlate conclusions into incidents
  • false positives, create conclusions, and correlate conclusions into incidents
  • the rule criteria, create conclusions, and send conclusions to the database
  • the rule criteria, create triggers, and correlate conclusions into incidents

Answer : the rule criteria, create conclusions, and correlate conclusions into incidents

How do you install a valid DeepSight Integration License?


Options are :

  • use the Install License Wizard
  • open the Symantec Security Information Manager Console; select Configure Appliance; click on DeepSight Integration Manager Configuration
  • open Symantec Security Information Manager Console; select Configure Appliance; click on Licenses
  • on the appliance, place the license in the /opt/Symantec/license folder

Answer : open the Symantec Security Information Manager Console; select Configure Appliance; click on DeepSight Integration Manager Configuration

Which tab on the Information Manager Console allows you to view threat and vulnerability information?


Options are :

  • Rules
  • Intelligence
  • Reports
  • Dashboard

Answer : Intelligence

Once data is archived and removed from Symantec Security Information Manager, what allows you to access that data?


Options are :

  • Correlated Event Viewer
  • Incident Archive Viewer
  • Archive Log Viewer
  • Event Archive Viewer

Answer : Event Archive Viewer

Which three need to be collected as part of pre-deployment planning?


Options are :

  • desktop application
  • host operating systems
  • number of events per second
  • number of geographical locations
  • event-to-incident ratio under normal and peak conditions

Answer : host operating systems; number of events per second; event-to-incident ratio under normal and peak conditions

Symantec Security Information Manager Series Appliance installs which operating system by default?


Options are :

  • Solaris
  • SUSE
  • Red Hat
  • Windows

Answer : Red Hat

How does Symantec Security Information Manager allow the user to modify the tables in the event data archive?


Options are :

  • add, delete, and reorganize predetermined columns
  • add, delete, and rename predetermined columns
  • add, delete, and modify pre-existing columns
  • add, delete, and reorganize predetermined rows

Answer : add, delete, and reorganize predetermined columns

Symantec Security Information Manager automatically escalates security events into incidents based on a number of pre-defined and user-defined _____.


Options are :

  • tickets
  • incidents
  • events
  • rules

Answer : rules

On which three operating systems can the Symantec Security Information Manager Agent 2.5 be installed?


Options are :

  • Red Hat 3
  • HP-UX 11
  • IBM AIX 5
  • Windows 2000
  • Solaris 9

Answer : Red Hat 3; Windows 2000; Solaris 9

How do you install the Symantec Security Information Manager (SSIM) Console?


Options are :

  • from the SSIM appliance, deploy the console to your machine
  • on the SSIM DVD, go to Tools and install the client
  • go to the SSIM web interface, download the client and click Run
  • No installation is necessary because SSIM is a browser-based tool.

Answer : go to the SSIM web interface, download the client and click Run

What is the purpose of the critical business assets management feature?


Options are :

  • It makes it possible to change collectors' configurations to meet business assets needs.
  • It enables automatic identification and prioritization of security threats that impact business-critical applications
  • It obtains an overview of business assets.
  • It provides a visual picture of where critical business assets are located.

Answer : It enables automatic identification and prioritization of security threats that impact business-critical applications

Through which medium is appliance software installed?


Options are :

  • software download
  • CD-ROM
  • Software is preinstalled.
  • DVD

Answer : DVD

What is the difference between Symantec Security Information Manager (SSIM) on-box and off-box collectors?


Options are :

  • Off-box collectors are installed on the appliance and on-box collectors are installed on assets.
  • On-box collectors are automatically installed with the SSIM software and off-box collectors are installed separately.
  • Off-box collectors are installed on the SSIM products and on-box collectors are installed on the appliance.
  • On-box collectors are installed prior to SSIM software installation and off-box collectors are installed separately.

Answer : On-box collectors are automatically installed with the SSIM software and off-box collectors are installed separately.

What is Device-level aggregation?


Options are :

  • event and log sensoring
  • forwarding event data to the appliance
  • parsing data with data sensors
  • grouping data to reduce traffic and database size

Answer : grouping data to reduce traffic and database size

Which Symantec Security Information Manager Console allows you to set up and configure DAS devices?


Options are :

  • Simuser CLI menu
  • Configuration must only be performed from the DAS device
  • Information Manager DAS Storage Configuration Interface
  • Information Manager Web Configuration Interface

Answer : Information Manager Web Configuration Interface

When should a Symantec Security Information Manager database be restored?


Options are :

  • when the data has reached its lifetime expectancy
  • when false-positive data is confirmed to exist in the database
  • when there is a database failure that cannot be fixed
  • when the database has been compromised

Answer : when there is a database failure that cannot be fixed

What are the hard drive specifications for the 9650?


Options are :

  • 6 drives (RAID 5)
  • 6 drives (2 mirrored and 4 in RAID 5)
  • 2 drives (mirrored)
  • 6 drives (2 mirrored and 4 in RAID 10)

Answer : 6 drives (2 mirrored and 4 in RAID 5)

The Symantec Security Information Manager Series _____ is also referred to as the collection appliance.


Options are :

  • 9630
  • 9550
  • 9650
  • 9530

Answer : 9630

Which RAID level is recommended in a DAS configuration?


Options are :

  • RAID 1
  • RAID 7
  • RAID 5
  • RAID 10

Answer : RAID 5

Which menu options do you select in the user interface to shut down or reboot the Symantec Security Information Manager (SSIM) appliance?


Options are :

  • SSIM Console --> Shutdown/Restart
  • SSIM --> Configure Appliance --> Shutdown/Restart
  • System --> Shutdown/Restart
  • SSIM Console --> Systems tab

Answer : SSIM --> Configure Appliance --> Shutdown/Restart

The Symantec Security Information Manager includes a(n) _____ feature that allows the security administrator to instantly access a customized view of major security indicators.


Options are :

  • dashboard
  • events
  • reports
  • intelligence page

Answer : dashboard

What information is necessary to properly size a deployment?


Options are :

  • hard drive space, incidents per second and collector types
  • hard drive space, events per second and geographic locations
  • events per second, geographic locations and event-to-incident ratio
  • events per second, collector types and incident-to-event ratio

Answer : events per second, geographic locations and event-to-incident ratio

Which general release version of JRE is installed with the product?


Options are :

  • 1.5.0
  • 2
  • 1.2
  • 1.4.2

Answer : 1.5.0

Which third-party software components support LDAP for users, roles, and configurations?


Options are :

  • IBM DB2 8.1
  • IBM Directory Server 6.0
  • IBM Directory Server 7.0
  • IBM DB2 8.2

Answer : IBM Directory Server 6.0

What information must be obtained prior to product deployment and configuration of the Symantec Security Information Manager appliance?


Options are :

  • the number of security events per day the appliance will handle
  • the number of nodes found in the customer's infrastructure
  • which on-box collectors are appropriate for installation
  • the air-conditioning and power requirements

Answer : the number of security events per day the appliance will handle

How can an organization connect to the Integrated Global Security Intelligence to receive updates?


Options are :

  • by licensing the DeepSight Security feature
  • by using the default settings within the console
  • by licensing the Integrated Global Security Intelligence product
  • by enabling this feature within the console

Answer : by licensing the DeepSight Security feature

What are on-box collectors?


Options are :

  • Checkpoint, Snort and PIX
  • Checkpoint, UNIX Syslog and Symantec Network Security
  • PIX, UNIX Syslog and Sygate
  • PIX, Snort and Symantec Mail Security

Answer : Checkpoint, Snort and PIX
