ST0-095 Symantec Technical Foundations Security Exam Set 4

Which two questions are appropriate to ask a customer in order to uncover a need for Symantec Control Compliance Suite? (Select two.)


Options are :

  • Are you meeting your required backup windows?
  • Do you need to ensure critical servers are deployed by authorized personnel?
  • Do you need to archive email for legal discovery purposes?
  • Have you recently gone through a merger or acquisition, requiring new entitlements and controls? (Correct)
  • Is your operations team struggling to keep on top of IT audit-related tasks? (Correct)

Answer : Have you recently gone through a merger or acquisition, requiring new entitlements and controls? Is your operations team struggling to keep on top of IT audit-related tasks?

What information does IT asset management (ITAM) provide?


Options are :

  • vulnerabilities that exist in the environment
  • owners of assets within the environment (Correct)
  • access rights to files on a server
  • location of the configuration management database

Answer : owners of assets within the environment

Which type of data can be stored in an asset management system?


Options are :

  • all elements of software and hardware support procedures
  • all elements of hardware failures and related service tags
  • all elements of software, hardware, and related contracts (Correct)
  • all elements of software configuration changes

Answer : all elements of software, hardware, and related contracts

Which trend did Art Gilliland discuss in the Security Solutions 1.0 course as a primary driver for the security vision of Symantec?


Options are :

  • complexity of the infrastructure (Correct)
  • outsourcing of security services
  • plug-and-play security appliances
  • increase in global terrorism

Answer : complexity of the infrastructure

Which two topics did Art Gilliland state in the Security Solutions 1.0 course as areas that Symantec plans to invest in? (Select two.)


Options are :

  • reputation-based security (Correct)
  • identity management
  • cryptography
  • security of social networking sites
  • cross-product management and reporting (Correct)

Answer : reputation-based security; cross-product management and reporting

An administrator wants to identify and monitor systems with weak or static passwords. Which Symantec solution can help collect this information?


Options are :

  • Data Loss Prevention
  • Endpoint Protection
  • Critical System Protection
  • Control Compliance Suite (Correct)

Answer : Control Compliance Suite

What is the ultimate enforcement level for information protection?


Options are :

  • configuring and provisioning
  • assessment and compliance
  • remediation and notification
  • prevention and protection (Correct)

Answer : prevention and protection

Which challenge does security information and event management (SIEM) help solve for customers?


Options are :

  • monitoring configuration changes in applications
  • monitoring for security violations (Correct)
  • monitoring for business compliance issues
  • monitoring for performance problems on servers

Answer : monitoring for security violations

What is the Symantec Data Loss Prevention Suite?


Options are :

  • software that backs up valuable data on a regular basis and restores it from backup in the event of data loss
  • software that hardens the configuration of a critical server to prevent the theft of valuable data
  • software that discovers where valuable data is stored and prevents the inappropriate transmission of that data
  • software that identifies viruses on a system and prevents the virus from destroying valuable data (Correct)

Answer : software that identifies viruses on a system and prevents the virus from destroying valuable data

An employee's laptop was recently stolen, but their IT security department is confident that information on the hard drive will remain protected from being viewed. Which Symantec solution has IT deployed on the laptop?


Options are :

  • Endpoint Encryption (Correct)
  • Data Loss Prevention
  • Critical System Protection
  • Endpoint Protection

Answer : Endpoint Encryption

What are two types of targets that should be scanned to see if they contain confidential information at rest? (Select two.)


Options are :

  • file servers
  • firewalls (Correct)
  • routers (Correct)
  • encryption gateways
  • databases

Answer : firewalls; routers

Which information from a customer helps to uncover a need for Symantec Data Loss Prevention?


Options are :

  • how servers with data are deployed and patched
  • how employees back up data on their laptops and cell phones (Correct)
  • the types of servers in the data center
  • where confidential data is stored and how it is being used and managed

Answer : how employees back up data on their laptops and cell phones

Which type of product should a company use to identify installed software to determine licensing compliance?


Options are :

  • endpoint protection
  • asset management (Correct)
  • patch management
  • software delivery

Answer : asset management

Which action should accompany the automatic relocation of a confidential file on a file share?


Options are :

  • running an anti-malware scan on it to check for threats
  • leaving behind a marker file explaining how to regain access to the file (Correct)
  • re-routing it to a quarantine folder on the mail server and emailing the sender
  • fixing the access control permissions on the share to limit access

Answer : leaving behind a marker file explaining how to regain access to the file

Which Symantec solution informs an administrator that a particular server has excessive file system rights?


Options are :

  • Endpoint Encryption
  • Control Compliance Suite (Correct)
  • Altiris IT Management Suite
  • Security Information Manager

Answer : Control Compliance Suite

Why is security configuration management important to business leaders, according to the Security Solutions 1.0 course?


Options are :

  • It improves the network security of an environment.
  • It consolidates system use and increases revenue.
  • It drives down costs and improves efficiencies. (Correct)
  • It consolidates the management of security software.

Answer : It drives down costs and improves efficiencies.

Which component of Symantec Security Information Manager (SSIM) helps companies determine a potential threat in real-time?


Options are :

  • log management
  • correlation (Correct)
  • incident management
  • log consolidation

Answer : correlation

What are two components of the policy management lifecycle according to the Security Solutions 1.0 course? (Select two.)


Options are :

  • develop (Correct)
  • manage
  • secure
  • review (Correct)
  • authorize

Answer : develop; review

What is an example of why context is important for accurate detection of confidential data?


Options are :

  • Detection of both structured and unstructured confidential data is important.
  • Detection technologies need to hold up under a heavy production load.
  • Unstructured data can contain significant confidential data.
  • Confidential data going to a trusted partner may be acceptable. (Correct)

Answer : Confidential data going to a trusted partner may be acceptable.

What are two benefits of hardware device control? (Select two.)


Options are :

  • eliminates the need for asset management
  • tracks devices if they are lost or stolen
  • prevents propagation of malicious code (Correct)
  • optimizes performance of removable hard drives
  • reduces the risk of confidential data loss (Correct)

Answer : prevents propagation of malicious code; reduces the risk of confidential data loss

Which action can be performed when using IT asset management (ITAM) when an employee leaves the organization?


Options are :

  • extract archived emails from their laptop for reviewing
  • extract software licenses from their laptop for re-purposing (Correct)
  • extract private data from their laptop for securing
  • extract the memory footprint from their laptop for analyzing

Answer : extract software licenses from their laptop for re-purposing

What information does IT asset management (ITAM) provide?


Options are :

  • access rights to files on a server
  • location of the configuration management database
  • vulnerabilities that exist in the environment
  • owners of assets within the environment (Correct)

Answer : owners of assets within the environment

What is the ultimate enforcement level for information protection?


Options are :

  • remediation and notification
  • configuring and provisioning
  • assessment and compliance
  • prevention and protection (Correct)

Answer : prevention and protection

What does patch management need to accurately target computers within an environment?


Options are :

  • an endpoint management system
  • a system management software package
  • an accurate up-to-date inventory (Correct)
  • an accurate software delivery mechanism

Answer : an accurate up-to-date inventory

Which endpoint protection strategy uses system-level control of applications, processes, and hardware devices to prevent inappropriate software from running on a system?


Options are :

  • network intrusion prevention
  • host-based malware prevention
  • host intrusion prevention (Correct)
  • network access prevention

Answer : host intrusion prevention

Which component of Symantec Security Information Manager (SSIM) helps companies determine a potential threat in real-time?


Options are :

  • correlation (Correct)
  • incident management
  • log consolidation
  • log management

Answer : correlation

What makes a security policy effective and functional?


Options are :

  • strict enforcement
  • support from management (Correct)
  • as much detail as possible
  • strict requirements

Answer : support from management

What is the primary purpose of change control in the context of security?


Options are :

  • to apply changes that increase security posture
  • to automatically apply security changes on a set schedule
  • to prevent changes from decreasing security posture (Correct)
  • to automatically undo changes that cause security problems

Answer : to prevent changes from decreasing security posture

What are two conditions driving the need for endpoint security? (Select two.)


Options are :

  • Mobile computers and removable devices allow for rapid propagation of threats. (Correct)
  • Network perimeters are frequently ill-defined and provide multiple access points. (Correct)
  • The severity of traditional network-based threats has been on the decline.
  • Network firewalls are unable to allow, deny, or manipulate data traffic.
  • Spam email makes up 87% of all email traffic coming into an organization.

Answer : Mobile computers and removable devices allow for rapid propagation of threats. Network perimeters are frequently ill-defined and provide multiple access points.

Which malware identification technique blocks all applications and processes from running, unless they are legitimate and appropriate software as determined by a security policy?


Options are :

  • heuristics
  • definition matching
  • whitelisting (Correct)
  • blacklisting

Answer : whitelisting
