The secret to passing the ST0-025 "Symantec Security Information Manager 4.5 (STS)" certification exam most efficiently is hidden in the Pass4test question set!

By blog Admin | Posted: Sat, 08 Sep 2012 21:55:29 GMT

The details of the ST0-025 exam are as follows.

Exam number: ST0-025
Exam subject: Symantec "Symantec Security Information Manager 4.5 (STS)"
Questions and answers: 100 in total

Symantec STS-Partner-Accreditation ST0-025

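Even if you have never taken the exam above, you, like everyone else, will probably feel intimidated on seeing the exam content above. The reason is that, although you may know the technical knowledge relevant to the exam, you probably know nothing about the exam itself, such as the time allowed, the number of questions, or the atmosphere of the exam room. You no longer need to worry. With Pass4test, you can experience the atmosphere of the ST0-025 certification exam for yourself before the real certification exam.

The exam question sets developed by Pass4Test are a range of practice question sets aimed at IT engineers, and we guarantee that you can pass the exam on the first attempt. The hit rate for the ST0-025 certification exam is very high: experts with experience of the ST0-025 exam analyze and research the questions set in the ST0-025 certification exam, and the ST0-025 question set is offered to candidates at the most suitable price. We provide a free update service for one year; the quality is good, and it is definitely a good choice for candidates. You can also try the free ST0-025 sample before taking the exam.

Pass4test started in 2001, and it is no exaggeration to say that using Pass4test certification exam question sets lets you pass the exam 100% of the time. We are able to capture accurately the questions set in the real exam and can guarantee a 100% pass rate. Use our products with confidence and you can obtain the certification just by sitting the exam.

The detailed exam content is as follows. Please take a look.

Try before you buy: download a free sample of any of our exam questions and answers: http://pdf.pass4test.jp/ST0-025.pdf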

1.What are two ways in which new entries can be added to the Assets Table of a Symantec Security Information Manager solution? (Choose two.)
A. through the Lookup Tables pane of the Information Manager Console
B. importing from HP OpenView through the OpenView Integration feature
C. importing from a .CSV file exported from Active Directory
D. automatic population through a supported vulnerability scanner
Answer: C, D

2.Which three ratings does the Information Manager Assets Table use to quantify the importance of the device and help determine how to escalate security incidents related to that device? (Choose three.)
A. Confidentiality
B. Criticality
C. Availability
D. Priority
E. Integrity
Answer: A, C, E

3.How can you determine which ports are potentially vulnerable on a given host in the Assets Table?
A. by running the NetScan user action on the asset
B. by looking at the Services tab on the asset
C. by viewing the Details tab for the asset
D. by running the Host Information report on the asset
Answer: B

Symantec   ST0-025   ST0-025   ST0-025

4.How do you install the Symantec Security Information Manager (SSIM) Console?
A. on the SSIM DVD, go to Tools and install the client
B. go to the SSIM web interface, download the client and click Run
C. from the SSIM appliance, deploy the console to your machine
D. No installation is necessary because SSIM is a browser-based tool.
Answer: B


5.Which menu options do you select in the user interface to shut down or reboot the Symantec Security Information Manager (SSIM) appliance?
A. System --> Shutdown/Restart
B. SSIM Console --> Shutdown/Restart
C. SSIM --> Configure Appliance --> Shutdown/Restart
D. SSIM Console --> Systems tab
Answer: C


6.Where do you configure LiveUpdate for Symantec Security Information Manager (SSIM)?
A. SSIM Start Page --> Configure Appliance --> LiveUpdate tab
B. SSIM Console --> Systems tab --> LiveUpdate tab
C. from a command prompt
D. SSIM Client --> Maintenance tab --> LiveUpdate tab
Answer: A


7.By default, event archives are stored for up to _____ days.
A. 10
B. 30
C. 60
D. 90
Answer: A


8.Which two are commonly used to view archived events? (Choose two.)
A. Information Manager Event Viewer
B. Archive Management Console tab
C. Query Wizard
D. Incident Management Console tab
Answer: A, C

9.When querying archived event data, how can you make a query available to other users of the system?
A. save it in Published Queries
B. save it in Public Templates
C. grant Read Query permission to the domain
D. check the Shared option on the saved query
Answer: A


10.Normalization provides a unique identifier for each type of event and _____.
A. adds Correlation Manager-specific data to the translated incident
B. adds Correlation Manager-specific data to the translated event
C. maps events to a device-specific signature
D. maps incidents to a device-specific signature
Answer: B


11.What is the correct Symantec Security Information Manager incident identification pipeline?
A. collection --> normalization --> rule processing --> attack tracing --> correlation to vulnerabilities --> incident prioritization
B. normalization --> collection --> rule processing --> attack tracing --> correlation to vulnerabilities --> incident prioritization
C. rule processing --> normalization --> collection --> attack tracing --> correlation to vulnerabilities --> incident prioritization
D. attack tracing --> rule processing --> normalization --> collection --> correlation to vulnerabilities --> incident prioritization
Answer: A


12.Security data is continuously gathered from thousands of security sensors worldwide through the integrated _____.
A. Symantec Security Information Manager
B. DeepSight Global Intelligence Network
C. Symantec Enterprise Security Manager
D. Symantec Sygate Solution
Answer: B


13.What is the purpose of normalization?
A. to minimize the number of events affecting multiple devices for the Correlation Manager to strategize the events more quickly
B. to correlate events across multiple devices for the Correlation Manager to compare all events equally
C. to standardize events across multiple devices for the Correlation Manager to compare all events equally
D. to process the events across multiple devices for the Correlation Manager to strategize the events more quickly
Answer: C


14.What is Device-level aggregation?
A. parsing data with data sensors
B. grouping data to reduce traffic and database size
C. forwarding event data to the appliance
D. event and log sensoring
Answer: B


15.What are on-box collectors?
A. PIX, UNIX Syslog and Sygate
B. Checkpoint, Snort and PIX
C. PIX, Snort and Symantec Mail Security
D. Checkpoint, UNIX Syslog and Symantec Network Security
Answer: B


16.Which Symantec Security Information Manager component retrieves security content from Symantec?
A. LiveUpdate
B. LiveUpdate and licensed DeepSight Integration Module simultaneously
C. Licensed DeepSight Integration Module
D. Security content retrieval is automatic.
Answer: C


17.In Symantec Security Information Manager, collectors send events to _____.
A. Event Disposition
B. Event Archive
C. Event Reporting
D. Event Logger
Answer: D


18.Events that are filtered out remain stored in the ______.
A. Event Logger
B. Incident Repository
C. Event Archive
D. Incident History
Answer: D


19.What information does the Correlation Manager use to identify and prioritize incidents?
A. DeepSight
B. event history
C. incident
D. assets
Answer: D


20.Once custom rules are properly defined, the Correlation Engine _____.
A. correlates events against the rule criteria, analyzes conclusions and creates impending incidents
B. analyzes events against the rule criteria, correlates with existing conclusions and creates the impending incident
C. analyzes events against the rule criteria, creates conclusions and correlates conclusions into incidents
D. applies individual rules to events, analyzes conclusions and correlates events into incidents
Answer: C

Posted: 2012/9/8 21:55:29  |  Category: Symantec  |  Tags: STS-Partner-Accreditation, ST0-025