2013年5月6日星期一

Best exercises of Symantec certification 251-501 exam and answers

Symantec certification 251-501 exam is very popular among the IT people to enroll in the exam. Passing Symantec certification 251-501 exam can not only chang your work and life can bring, but also consolidate your position in the IT field. But the fact is that the passing rate is very low.

IT-Tests.com is a website to improve the pass rate of Symantec certification 251-501 exam. Senior IT experts in the IT-Tests.com constantly developed a variety of successful programs of passing Symantec certification 251-501 exam, so the results of their research can 100% guarantee you Symantec certification 251-501 exam for one time. IT-Tests's training tools are very effective and many people who have passed a number of IT certification exams used the practice questions and answers provided by IT-Tests. Some of them who have passed the Symantec certification 251-501 exam also use IT-Tests's products. Selecting IT-Tests.com means choosing a success.

IT-Tests.com promise that we will spare no effort to help you pass Symantec certification 251-501 exam. Now you can free download part of practice questions and answers of Symantec certification 251-501 exam on IT-Tests. When you select IT-Tests, you can not only pass Symantec certification 251-501 exam, but also have one year free update service. IT-Tests.com can also promise if you fail to pass the exam, IT-Tests.com will 100% refund.

251-501 (Intrusion protection solutions) Free Demo Download: http://pdf.it-tests.com/251-501.pdf

NO.1 Which Symantec Security Management System view displays Symantec Host IDS events?
A. Symantec Host IDS Events folder, Intrusion Detection Events view
B. Symantec Host IDS Events folder, Intrusion Detection Attack view
C. Intrusion Detection Family folder, Symantec Host IDS Events view
D. Intrusion Detection Reports folder, Symantec Host IDS Attack view
Answer: C

Symantec questions   251-501   251-501   251-501   251-501 demo

NO.2 To which mode must you set the network interface on a network intrusion detection sensor to collect all
packets?
A. report
B. receive
C. transfer
D. promiscuous
Answer: D

Symantec exam dumps   251-501   251-501 answers real questions

NO.3 Which two conditions affect the performance of network-based intrusion detection systems? (Choose
two.)
A. local area network traffic congestion
B. resource utilization on sensor nodes
C. presence of a host-based intrusion detection system
D. concurrent support for intrusion detection across multiple platforms
Answer: AB

Symantec   251-501 exam dumps   251-501 exam   251-501 test answers   251-501

NO.4 Which two states are monitored by statistical anomaly filters to detect changes in network activity?
(Choose two.)
A. protocol traffic rates
B. changes in file sizes
C. user account misuse
D. users' activity over the network
Answer: AD

Symantec   251-501 demo   251-501 questions

NO.5 Which three types of network traffic should be considered suspicious by a deception-based intrusion
system running on your corporate Intranet? (Choose three. )
A. FTP connection
B. broadcast traffic
C. HTTP get request
D. SSL logon attempt
Answer: ACD

Symantec test answers   251-501 certification training   251-501   251-501 exam prep   251-501

NO.6 Which type of device is associated with passive intrusion detection strategies?
A. firewall
B. packet filter
C. network sniffer
D. management console
Answer: C

Symantec   251-501 exam dumps   251-501 braindump   251-501   251-501   251-501 study guide

NO.7 What is a possible risk of operating a decoy-based intrusion detection system on your network?
A. Attackers could use the decoy to compromise another system making you liable.
B. Attackers learn how to circumvent your perimeter defense through the decoy.
C. The decoy reduces network performance by generating broadcast traffic on the network.
D. The decoy may give away information about your network and other legitimate systems
Answer: A

Symantec   251-501   251-501 study guide

NO.8 Which type of attacks are anomaly-based intrusion detection systems primarily designed to detect?
A. novel
B. known
C. host-based
D. network-based
Answer: A

Symantec   251-501 demo   251-501 test questions

NO.9 Which statement is true regarding Symantec Host IDS policy behavior?
A. Policies are collected from Symantec Host IDS Agent computers.
B. Policies are distributed to all Symantec Host IDS Agent computers.
C. Policies are based on application settings on all computers running Symantec Host IDS.
D. Policies are monitored on all computers running Symantec Host IDS Manager services.
Answer: B

Symantec questions   251-501 test questions   251-501

NO.10 Which activity compromises the integrity of forensic data collected during an incident response
investigation of HostA?
A. modification of firewall settings to collect additional forensic data
B. modification of the system files on HostA to block further intrusions
C. modification of the network intrusion detection system's signature files
D. modification of the intrusion policy at HostA's IPS sensor to block further intrusions
Answer: B

Symantec   251-501   251-501 braindump

NO.11 Where are Symantec Host IDS events recorded?
A. the DataStore
B. the Directory
C. the Local Agent log
D. the Symantec Host IDS Manager
Answer: A

Symantec certification   251-501 braindump   251-501   251-501   251-501 questions

NO.12 Which three organizations actively monitor the release of patches and upgrades from vendors?
(Choose three.)
A. CERT
B. Microsoft
C. Symantec
D. Security Focus
E. Sun Microsystems
Answer: ACD

Symantec   251-501 certification training   251-501 practice test   251-501   251-501   251-501 questions

NO.13 Which solution provides a robust management and reporting framework for Symantec Host IDS?
A. Symantec Security Management System
B. Symantec Host IDS Manager and Agent Tools
C. Symantec Intrusion Protection Enterprise Manager
D. Symantec Enterprise Security Management Console
Answer: A

Symantec exam prep   251-501 study guide   251-501 certification training   251-501   251-501

NO.14 Which service is required to deploy a Symantec Enterprise Security Architecture Manager?
A. IBM HTTP Server
B. iPlanet Web Server
C. Netscape Web Server
D. Internet Information Server
Answer: A

Symantec dumps   251-501 exam dumps   251-501 certification

NO.15 Which service facilitates the automatic update of Symantec Host IDS stock policies?
A. Symantec LiveUpdate
B. Symantec PolicyEditor
C. Symantec PolicyUpdate
D. Symantec Host IDSUpdate
Answer: A

Symantec   251-501 certification   251-501   251-501 certification

NO.16 What is a characteristic unique to a host-based intrusion protection solution?
A. service specific
B. protocol specific
C. topology specific
D. operating system specific
Answer: D

Symantec exam simulations   251-501   251-501   251-501 exam prep   251-501 practice test

NO.17 Which two types of policies are supported by Symantec Host IDS? (Choose two.)
A. stock
B. update
C. custom
D. best practice
Answer: AC

Symantec answers real questions   251-501   251-501   251-501   251-501   251-501

NO.18 Which two methods might you use to create custom policies? (Choose two.)
A. build from scratch
B. use the policy template
C. import system registry settings
D. export and modify a stock policy
Answer: AD

Symantec   251-501 study guide   251-501 answers real questions   251-501

NO.19 Which two technologies act as intrusion protection sensors? (Choose two.)
A. routers
B. host agents
C. deception hosts
D. managed switches
Answer: BC

Symantec   251-501 certification training   251-501 questions

NO.20 Click the Exhibit button. What is the minimum number of Symantec Security Management System
Console computers required to monitor the Boston office locally, while managing the entire Symantec
Host IDS deployment from New York?
A. 1
B. 2
C. 4
D. 15
Answer: B

Symantec dumps   251-501 answers real questions   251-501   251-501

没有评论:

发表评论