
Symantec 250-501 Exam - Intrusion Protection Solutions

Questions & Answers for Symantec 250-501

Showing 1-15 of 139 Questions

Question #1 - Topic 0

Which two conditions affect the performance of network-based intrusion detection
systems? (Choose two.)

A. local area network traffic congestion

B. resource utilization on sensor nodes

C. presence of a host-based intrusion detection system

D. concurrent support for intrusion detection across multiple platforms

Question #2 - Topic 0

What are two components of a Symantec ManHunt node? (Choose two.)

A. agents

B. report engine

C. handoff managers

D. analysis framework

Question #3 - Topic 0

Which communications method does the Symantec Enterprise Security Architecture
Console use to communicate with the Symantec Enterprise Security Architecture
Manager?

A. JDBC

B. ODBC

C. LDAPS

D. HTTPS

Question #4 - Topic 0

Which type of intrusion detection does Symantec Decoy Server provide?

A. only host-based

B. behavioral-based

C. only network-based

D. host-based and network-based

Question #5 - Topic 0

What does a Symantec ManHunt watchdog group provide?

A. sniffer detection

B. node redundancy

C. sensor aggregation

D. third-party event aggregation

Question #6 - Topic 0

Click the Exhibit button. LifeLine Supply Company (LLSC) deploys Symantec ManHunt as
part of their intrusion protection solution. They monitor all network switches with Symantec
ManHunt and have a console at the corporate headquarters in New York. How many
ManHunt nodes do they require to support this solution if a monitoring group is required in
each location?

A. 1

B. 4

C. 6

D. 31

Question #7 - Topic 0

Which two configuration strategies help secure the Symantec Host IDS data? (Choose
two.)

A. configure the Manager TCP/IP settings to prohibit HTTPS access to the manager computer

B. install Symantec Host IDS on the Symantec Enterprise Security Architecture DataStore computer

C. configure the firewall to prohibit HTTP access to the manager computer from outside the corporate network

D. install the Symantec Security Management System Console on the Symantec Enterprise Security Architecture Manager

Question #8 - Topic 0

Which additional Symantec product must you install before Symantec Host IDS?

A. Symantec Incident Manager

B. Symantec System Center Console

C. Symantec Enterprise Security Manager

D. Symantec Security Management System

Question #9 - Topic 0

What are two functions of the Symantec ManHunt refinement process? (Choose two.)

A. correlating events with incidents

B. aggregating events into incidents

C. matching an unknown event against a database

D. reclassifying an event by tagging it with a specific name

Question #10 - Topic 0

Which activity compromises the integrity of forensic data collected during an incident
response investigation of HostA?

A. modification of firewall settings to collect additional forensic data

B. modification of the system files on HostA to block further intrusions

C. modification of the network intrusion detection system's signature files

D. modification of the intrusion policy at HostA's IPS sensor to block further intrusions

Question #11 - Topic 0

In which format is all Symantec Decoy Server intrusion analysis data compiled?

A. XML log format

B. HTML-formatted templates

C. time-stamped logs that are stored in uneditable files

D. time-stamped logs that are stored in a relational database

Question #12 - Topic 0

What is a Symantec Host IDS collector?

A. a database that collects intrusion data

B. a process that extracts information from an agent system

C. a service that monitors network intrusion collection devices

D. a daemon that forwards intrusion events to security collection devices

Question #13 - Topic 0

Which two event parameters are defined in a Symantec ManHunt response rule? (Choose
two.)

A. type

B. class

C. target

D. count

Question #14 - Topic 0

Which type of Symantec ManHunt detection is provided by anomaly detection?

A. roaming detection

B. network flow detection

C. zero day attack detection

D. stateful signature detection

Question #15 - Topic 0

Which two types of policies are supported by Symantec Host IDS? (Choose two.)

A. stock

B. update

C. custom

D. best practice
