
The latest and most complete ST0-025 question bank download! (Provided by the killtest question bank site)

Posted by: admin | Views: - | Published: 2010-12-23

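The ST0-025 exam question bank is carefully produced by our professional IT certification instructors and product experts. It includes the latest real exam questions, all with correct answers. The question bank's coverage is above 96%, and it is updated promptly as the certification vendor changes the exam questions, ensuring that candidates pass the exam on the first attempt!
The latest information about this exam is as follows:
Exam code: ST0-025
Certification name: Symantec Security Information Manager 4.5 (STS)
Version: V8.02
Number of questions: 100
Last updated: 2010-12-17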
1.What are two ways in which new entries can be added to the Assets Table of a Symantec Security Information Manager solution? (Choose two.)
A. through the Lookup Tables pane of the Information Manager Console
B. importing from HP OpenView through the OpenView Integration feature
C. importing from a .CSV file exported from Active Directory
D. automatic population through a supported vulnerability scanner
Answer: C, D

2.Which three ratings does the Information Manager Assets Table use to quantify the importance of the device and help determine how to escalate security incidents related to that device? (Choose three.)
A. Confidentiality
B. Criticality
C. Availability
D. Priority
E. Integrity
Answer: A, C, E

3.How can you determine which ports are potentially vulnerable on a given host in the Assets Table?
A. by running the NetScan user action on the asset
B. by looking at the Services tab on the asset
C. by viewing the Details tab for the asset
D. by running the Host Information report on the asset
Answer: B

4.How do you install the Symantec Security Information Manager (SSIM) Console?
A. on the SSIM DVD, go to Tools and install the client
B. go to the SSIM web interface, download the client and click Run
C. from the SSIM appliance, deploy the console to your machine
D. No installation is necessary because SSIM is a browser-based tool.
Answer: B

5.Which menu options do you select in the user interface to shut down or reboot the Symantec Security Information Manager (SSIM) appliance?
A. System --> Shutdown/Restart
B. SSIM Console --> Shutdown/Restart
C. SSIM --> Configure Appliance --> Shutdown/Restart
D. SSIM Console --> Systems tab
Answer: C

6.Where do you configure LiveUpdate for Symantec Security Information Manager (SSIM)?
A. SSIM Start Page --> Configure Appliance --> LiveUpdate tab
B. SSIM Console --> Systems tab --> LiveUpdate tab
C. from a command prompt
D. SSIM Client --> Maintenance tab --> LiveUpdate tab
Answer: A

1.By default, event archives are stored for up to _____ days.
A. 10
B. 30
C. 60
D. 90
Answer: A

2.Which two are commonly used to view archived events? (Choose two.)
A. Information Manager Event Viewer
B. Archive Management Console tab
C. Query Wizard
D. Incident Management Console tab
Answer: A, C

3.When querying archived event data, how can you make a query available to other users of the system?
A. save it in Published Queries
B. save it in Public Templates
C. grant Read Query permission to the domain
D. check the Shared option on the saved query
Answer: A

4.Normalization provides a unique identifier for each type of event and _____.
A. adds Correlation Manager-specific data to the translated incident
B. adds Correlation Manager-specific data to the translated event
C. maps events to a device-specific signature
D. maps incidents to a device-specific signature
Answer: B

5.What is the correct Symantec Security Information Manager incident identification pipeline?
A. collection --> normalization --> rule processing --> attack tracing --> correlation to vulnerabilities --> incident prioritization
B. normalization --> collection --> rule processing --> attack tracing --> correlation to vulnerabilities --> incident prioritization
C. rule processing --> normalization --> collection --> attack tracing --> correlation to vulnerabilities --> incident prioritization
D. attack tracing --> rule processing --> normalization --> collection --> correlation to vulnerabilities --> incident prioritization
Answer: A

6.Security data is continuously gathered from thousands of security sensors worldwide through the integrated _____.
A. Symantec Security Information Manager
B. DeepSight Global Intelligence Network
C. Symantec Enterprise Security Manager
D. Symantec Sygate Solution
Answer: B
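Candidates who want to download more question banks for Symantec certifications can visit the killtest question bank site. For any questions about the exam, you can also consult the site's customer service.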
 
