ST0-085 Symantec Security Information Manager Technical Exam, Attend this ST0-085 Symantec Security Information Manager Technical Exam will get a Good Score 80% on Main Exam.
Sample Questions:
What two search templates are the predefined information administrator?
Host activity
internal activity
IDS activity
Firewall activity
port activity
At the request of historical data on the event, can you request available to other users of the system?
Keep your queries published.
Keep it in public templates
Permit for granting to read applications to the domain.
Check the saved query shared option
None
What is the function of Symantec Security Information Manager provides a centralized list of nodes and devices on the network, which are subject to the correlation of security events?
Asset table
Correlation database
host table
Base safety data objects
None
What are two ways in which new entries can be added to the assets of the Symantec Security Information Manager Decision Table?
Through the search tables of Pane Manager Information Console
Imports of HP Open View with Open View integration features
Importing CSV files exported from Active Directory
Auto-complete with a compatible vulnerability scanner
What affirmation is true about the rules to deal with Symantec Security Information Manager?
The rules can be created to force events to incidents based on policies defined for each asset.
The rules editor can create a policy for each asset, to determine which rules are executed when the event occurs.
The rules can be customized for each asset, which will execute the vulnerability scan, when a certain type of event occurs.
The Rules tab can be used in the console for the automatic determination of the available ports in the asset.
None
What makes the three categories of the Asset Table of the Information Manager are used to quantify the importance of the device, and help determine how the incident climbing associated with this device?
confidentiality
Criticity
Availability
a priority
integrity
0 Commentaires