ST0-192 - Symantec Tech. Found.: Security Solutions 2.0 Tech. Assmt.

Example Questions

Which two events could potentially be seen by a network monitoring solution in the context of information protection? (Select two.)
Which two pieces of information from a customer will help to uncover a need for the Altiris IT Management Suite? (Select two.)
Which two questions are appropriate to ask a customer in order to uncover a need for Symantec Control Compliance Suite? (Select two.)
In which two cases will the agent status remain green (good) on the Agent Events page? (Select two.)
Which component of Symantec Security Information Manager (SSIM) helps companies determine a potential threat in real-time?
What is a likely outcome of filtering network traffic in Network Monitor?
Why is security configuration management important to business leaders, according to the Security Solutions 2.0 course?
What is global reputation analysis ineffective against?
What is the primary benefit of network intrusion prevention on the host?
An administrator wants to identify and monitor systems with weak or static passwords. Which Symantec solution can help collect this information?
A cybercriminal wants to break into an organization using a SQL injection attack. What will the cybercriminal do to start the attack?
How does patch management enhance security within an environment?
What is the default incident data retention behavior for Network Monitor and Network Prevent?
By default, which port does the Enforce Server use to connect to all detection servers?
On which protocols does Symantec Data Loss Prevention 9.0 use port-based protocol recognition?
What is the purpose of defining a technical standard?
What is the link between information security and operational performance?
What information does IT asset management (ITAM) provide?
During a discussion with a customer, it is identified that they need better awareness of their hardware and software inventory. For example, they have a security policy to disallow DVD burners in their end-user workstations, yet they are lacking centralized inventory and reporting software to see if any endpoints have a DVD burner. Which Symantec suite is the most appropriate for this customer?
When should blocking of network transmissions and quarantining of exposed confidential files begin?
Which Network incident report indicates where employees are most often sending emails in violation of policies?
Which plug-in can connect to Microsoft Active Directory (AD)?
Malware that contains a backdoor is placed on a system that will later be used by the cybercriminal to gain access to the system. Which phase of the breach does this represent?
Which two core processes can a workflow solution manage to help mitigate security risks? (Select two.)
Which endpoint protection strategy uses rulesets to block or allow network traffic going to or coming from the endpoint?
What must a policy manager do when working with Exact Data Matching (EDM) indexes?
What is an example of monitoring the usage of confidential data?
What are the benefits of log management?
What makes a security policy effective and functional?
How does a system administrator verify that a Network Monitor Server is healthy?
An organization has a requirement to ensure they are meeting industry best practices for securing their IT environment. Which strategy is appropriate for this organization?
What is the cybercriminal hoping to accomplish during the incursion phase?
A customer is experiencing image-based spam and phishing attacks that are negatively impacting messaging flow. Which Symantec solution should be recommended to this customer?
What are two types of targets that should be scanned to see if they contain confidential information at rest? (Select two.)
A cybercriminal wants to maintain future access to a compromised system. Which tool would the cybercriminal use to accomplish this?
Why do companies deploy data loss prevention solutions? (Select two.)
Which endpoint protection strategy uses system-level control of applications, processes, and hardware devices to prevent inappropriate software from running on a system?
Which condition would require performing a remote exploit on a machine?
Which two products are required for quarantining confidential files residing inappropriately on a public file share? (Select two.)
What does Endpoint Prevent do?
An Internet user is able to download files via FTP but is unable to communicate over instant messaging. Which web gateway protection technology enforces this type of web usage policy?
A malicious insider was identified and recently terminated, and the organization wants to confirm that all company-owned hardware was returned by the employee. Which Symantec solution will help accomplish this?
What are the benefits of security information and event management?
What additional benefit will a patch management strategy provide?
How does a workflow solution work with collaborative applications, according to the Security Solutions 2.0 course?
What are two benefits of hardware device control? (Select two.)
How can a system administrator obtain the log files for a detection server? (Select three.)
Why would a cybercriminal avoid using a trojan in a widespread attack?
An end-user has mistakenly copied sensitive data into an email and attempted to send it outside the company. The email is quarantined, and the user's immediate manager receives a notification detailing the policy violation. An additional notification is sent to IT Security, and an investigation is initiated. What does this scenario describe?
What is the goal of a denial of service attack?