Exam Title: Symantec 250-503: Security Management Solutions

Version: R6.1

www.Prepking.com


1. Which Symantec Enterprise Security Manager (Symantec ESM) report lists the security checks in each module?
A. Policy
B. Domain
C. Security
D. Executive
Answer: A

2. Which two network requirements must be met for communications across a WAN connection to successfully occur between Symantec Enterprise Security Manager (Symantec ESM) Manager running on host GS101 and Symantec ESM Agent running on host GS102? (Choose two.)
A. Hostnames must be resolvable.
B. Appropriate ports must be open.
C. Authentication server must be available.
D. Components must belong to the same Symantec ESM domain.
Answer: AB

3. Which two does Symantec Enterprise Security Manager (Symantec ESM) have Best Practice Policies for? (Choose two.)
A. WU FTP Server
B. Oracle Database
C. MySQL Database
D. Checkpoint Firewall
Answer: BD

4. A mission critical application must use the Windows 2000 guest account for management functions. Your organization's security policy states that the guest account should not be used for any reason. Which option should you use to temporarily prevent Symantec Enterprise Security Manager (Symantec ESM) from reporting the guest account as an exception while the application is reengineered to use another Windows 2000 user account?
A. rules
B. filters
C. exclusions
D. suppressions
Answer: D

5. Which three operating systems are supported by the Symantec Enterprise Security Manager (Symantec ESM) Agent? (Choose three.)
A. HP-UX
B. OS/390
C. MacOS X
D. BSD UNIX
E. Windows 98
F. Red Hat Linux 7.x
G. Windows 2003 Server
Answer: AFG

6. Which organization defines the Symantec Enterprise Security Manager (Symantec ESM) Best Practice Policies?
A. SANS Institute
B. The MITRE Corporation
C. CERT Coordination Center
D. Symantec Security Response
Answer: D

7. What is one benefit of using Symantec Enterprise Security Manager (Symantec ESM)?
A. holistic risk mitigation
B. holistic security event correlation
C. automated and scheduled network assessments
D. automated security policy compliance management
Answer: D

8. When new security updates are available, when are the new modules transferred from the Symantec Enterprise Security Manager (Symantec ESM) Manager to the updatable participating Symantec Enterprise Security Manager (Symantec ESM) Agents?
A. during the next policy run
B. during an Agent synchronization
C. the next time the Manager restarts
D. when the Agents poll the Manager for configuration changes
Answer: A

9. Which two are groupings of security checks in Symantec Enterprise Security Manager (Symantec ESM)? (Choose two.)
A. file systems and directories
B. process blocking and integrity
C. user accounts and authorization
D. system and domain administration
Answer: AC

10. Which file does Symantec Enterprise Security Manager (Symantec ESM) initialize during the first run of a security module to identify computer changes?
A. Template
B. Snapshot
C. MasterPolicy
D. Suppressions
Answer: B

11. Which module is included in the Symantec Enterprise Security Manager (Symantec ESM) base level Best Practice Policies?
A. File Watch
B. File Access
C. Backup Integrity
D. Password Strength
Answer: D

12. Which statement describes the recommendations made in the ISO 17799?
A. It is technology neutral.
B. It secures Solaris computers.
C. It is designed for the health industry.
D. It reduces risk to bulk electric systems.
Answer: A

13. What is a benefit of Symantec Enterprise Security Manager (Symantec ESM)?
A. Summary policy run results are stored in a relational database.
B. Symantec ESM Agents run at low priority to minimize resource consumption.
C. Symantec Host IDS port scan data can be incorporated into Symantec ESM policy runs.
D. Symantec Vulnerability Assessment audit data can be incorporated into Symantec ESM reports.
Answer: B

14. Where are Symantec Enterprise Security Manager (Symantec ESM) reports stored?
A. Symantec ESM CIF computer
B. Symantec ESM Agent computer
C. Symantec ESM Console computer
D. Symantec ESM Manager computer
Answer: C

15. Which Symantec Enterprise Security Manager (Symantec ESM) component is the CIF server a part of?
A. Agent
B. Bridge
C. Console
D. Manager
Answer: D

16. Which two operating systems support a Symantec Enterprise Security Manager (Symantec ESM) Manager? (Choose two.)
A. AIX
B. OS/400
C. Windows 98
D. Red Hat Linux
E. Windows 2003
Answer: AE

17. Which component is used to gather Symantec Enterprise Security Manager (Symantec ESM) data to Symantec Enterprise Security Architecture (SESA)?
A. relay
B. bridge
C. converter
D. forwarder
Answer: B

18. Which three are true about Symantec Enterprise Security Manager (Symantec ESM) template files? (Choose three.)
A. They are suppressible.
B. They can be created from scratch.
C. They contain definitions of objects and their expected states.
D. They provide computer-specific information about properties of files.
Answer: BCD

19. Which two components make up the Symantec Enterprise Security Manager (Symantec ESM) SANS/FBI Top 20 Best Practice Policy? (Choose two.)
A. checks
B. templates
C. snapshots
D. suppressions
Answer: AB

20. Which security-related task can Symantec Enterprise Security Manager (Symantec ESM) be used for?
A. risk profile determination
B. notifies you of a system attack
C. assessing policy compliance on servers
D. consolidating management of all Symantec security products
Answer: C

21. Which Symantec Enterprise Security Architecture (SESA) component does a collector send data to?
A. Agent
B. Console
C. Directory
D. DataStore
Answer: A

22. Which component of the Symantec Enterprise Security Architecture (SESA) forwards data generated by security products to the Symantec Security Management System?
A. Agent
B. Provider
C. Manager
D. Collector
E. DataStore
Answer: A

23. Which feature allows the Symantec Security Management System to extend analysis to include events from third-party security products?
A. correlation
B. normalization
C. encapsulation
D. alert forwarding
Answer: B

24. What are the two built-in organizational units in Symantec Enterprise Security Architecture (SESA)? (Choose two.)
A. Agents
B. Default
C. Managers
D. Collectors
Answer: BC

25. Which method increases the security of communications between the SESA Manager and the SESA DataStore across a network?
A. VPN
B. ODBC
C. LDAPS
D. HTTPS
Answer: A

26. LifeLine Supply Company (LLSC) has three sites with broadband connections between each site. LLSC is planning to install the Symantec Security Management System. LLSC wants to access all event data from two consoles. What is the minimum number of SESA Directories LLSC must install?
A. 0
B. 1
C. 2
D. 3
Answer: B

27. Click the Exhibit button. Which two components should you install on the Symantec Enterprise Security Manager (Symantec ESM) systems to perform vulnerability assessments? (Choose two.)
A. SESA Agent
B. SESA Bridge
C. SVA Provider
D. SVA Manager
Answer: AC

28. Which product should you use to identify and correlate security events in near real-time?
A. Symantec HostIDS
B. Symantec Incident Manager
C. Symantec Vulnerability Assessment
D. Symantec Enterprise Security Manager (Symantec ESM)
Answer: B

29. Which native Symantec Enterprise Security Architecture (SESA) solution determines whether an appropriate countermeasure has been applied to a system that is a target of an attack?
A. Symantec Incident Manager
B. Symantec Vulnerability Assessment
C. Symantec Enterprise Security Architecture Console
D. Symantec Enterprise Security Manager (Symantec ESM)
Answer: B

30. Which component queries the LDAP directory?
A. Symantec Incident Manager
B. Symantec Enterprise Security Manager (Symantec ESM)
C. Symantec Enterprise Security Architecture (SESA) Manager
D. Symantec Enterprise Security Architecture (SESA) DataStore
Answer: C

31. LifeLine Supply Company (LLSC) has three sites: New York, Tokyo, and Sydney. Each site currently has an autonomous security department that has implemented Symantec Enterprise Security Manager (Symantec ESM), Symantec Vulnerability Assessment and Symantec Incident Manager. LLSC management wants all vulnerability assessment conditions reported to a single SESA Manager in the New York site. What should the LLSC security team do in the Tokyo and Sydney sites to meet this requirement?
A. configure the SESA Managers to forward their event data to the New York site's SESA Manager
B. configure the SESA Directories to replicate their event summary to the New York site's SESA Directory
C. configure the Symantec Incident Manager's event relay to forward event data to the New York site's Incident Manager
D. configure a Symantec Incident Manager filter in the Rules Engine to forward only vulnerability assessment conditions to the New York site's rules tables
Answer: A

32. Click the Exhibit button. Your organization has implemented an integrated solution including Symantec Enterprise Security Architecture (SESA), Symantec Incident Manager, and Symantec Vulnerability Assessment. On which host is the Symantec Vulnerability Assessment event data stored?
A. A
B. B
C. C
D. F
E. G
Answer: E

33. Which condition determines whether a collector must be installed on a particular system?
A. The security product installed on the system is not capable of communicating with a SESA Agent.
B. The security product installed on the system is not capable of communicating with a SESA DataStore.
C. The system is running an operating system that is not supported by the Symantec Security Management System.
D. The system is running an operating system that is not supported by the Symantec Enterprise Security Architecture (SESA).
Answer: A

34. Which three tasks do you need to perform to allow a SESA Agent to perform network-based audits? (Choose three.)
A. install the SVA Manager
B. distribute the network license
C. enable the network scan option on the SVA Manager
D. enable the network scan option during the SVA Provider install
Answer: ABD

35. Click the Exhibit button. You want to integrate the Symantec Enterprise Security Manager (Symantec ESM) event data with Symantec Incident Manager. On which host should you run the SESA Integration Wizard (manager extensions)?
