

Symantec 250-501 Exam - Intrusion Protection Solutions

Questions & Answers for Symantec 250-501

Showing 1-15 of 139 Questions

Question #1 - Topic 0

Which two conditions affect the performance of network-based intrusion detection
systems? (Choose two.)

A. local area network traffic congestion

B. resource utilization on sensor nodes

C. presence of a host-based intrusion detection system

D. concurrent support for intrusion detection across multiple platforms

Question #2 - Topic 0

What are two components of a Symantec ManHunt node? (Choose two.)

A. agents

B. report engine

C. handoff managers

D. analysis framework

Question #3 - Topic 0

Which communications method does the Symantec Enterprise Security Architecture
Console use to communicate with the Symantec Enterprise Security Architecture





Question #4 - Topic 0

Which type of intrusion detection does Symantec Decoy Server provide?

A. only host-based

B. behavioral-based

C. only network-based

D. host-based and network-based

Question #5 - Topic 0

What does a Symantec ManHunt watchdog group provide?

A. sniffer detection

B. node redundancy

C. sensor aggregation

D. third-party event aggregation

Question #6 - Topic 0

Click the Exhibit button. LifeLine Supply Company (LLSC) deploys Symantec ManHunt as
part of their intrusion protection solution. They monitor all network switches with Symantec
ManHunt and have a console at the corporate headquarters in New York. How many
ManHunt nodes do they require to support this solution if a monitoring group is required in
each location?

A. 1

B. 4

C. 6

D. 31

Question #7 - Topic 0

Which two configuration strategies help secure the Symantec Host IDS data? (Choose

A. configure the Manager TCP/IP settings to prohibit HTTPS access to the manager computer

B. install Symantec Host IDS on the Symantec Enterprise Security Architecture DataStore computer

C. configure the firewall to prohibit HTTP access to the manager computer from outside the corporate network

D. install the Symantec Security Management System Console on the Symantec Enterprise Security Architecture Manager

Question #8 - Topic 0

Which additional Symantec product must you install before Symantec Host IDS?

A. Symantec Incident Manager

B. Symantec System Center Console

C. Symantec Enterprise Security Manager

D. Symantec Security Management System

Question #9 - Topic 0

What are two functions of the Symantec ManHunt refinement process? (Choose two.)

A. correlating events with incidents

B. aggregating events into incidents

C. matching an unknown event against a database

D. reclassifying an event by tagging it with a specific name

Question #10 - Topic 0

Which activity compromises the integrity of forensic data collected during an incident
response investigation of HostA?

A. modification of firewall settings to collect additional forensic data

B. modification of the system files on HostA to block further intrusions

C. modification of the network intrusion detection system's signature files

D. modification of the intrusion policy at HostA's IPS sensor to block further intrusions

Question #11 - Topic 0

In which format is all Symantec Decoy Server intrusion analysis data compiled?

A. XML log format

B. HTML-formatted templates

C. time-stamped logs that are stored in uneditable files

D. time-stamped logs that are stored in a relational database

Question #12 - Topic 0

What is a Symantec Host IDS collector?

A. a database that collects intrusion data

B. a process that extracts information from an agent system

C. a service that monitors network intrusion collection devices

D. a daemon that forwards intrusion events to security collection devices

Question #13 - Topic 0

Which two event parameters are defined in a Symantec ManHunt response rule? (Choose

A. type

B. class

C. target

D. count

Question #14 - Topic 0

Which type of Symantec ManHunt detection is provided by anomaly detection?

A. roaming detection

B. network flow detection

C. zero day attack detection

D. stateful signature detection

Question #15 - Topic 0

Which two types of policies are supported by Symantec Host IDS? (Choose two.)

A. stock

B. update

C. custom

D. best practice

