250-505試験無料問題集（155題）「Symantec Administration of Symantec Data Center Security: Server Advanced 認定」

出題：1

When is the security tag removed from a malware infected guest virtual machine (VM)?

A. After the guest VM is moved to a security tag group

B. As soon as the malware protection policy is applied

C. As soon as the NSX security policy is applied

D. After the clean completion of entire guest VM scan

正解：D 解答を投票する

出題：2

Which agent polling and default listening port settings should be used on systems in large deployments whose policy and configuration settings are relatively stable according to the Planning and Deployment Guide?

A. Polling interval: 30-60 minutes; default listening port: disabled

B. Polling interval: 5-15 minutes; default listening port: enabled

C. Polling interval: 5-15 minutes; default listening port: disabled

D. Polling interval: 30-60 minutes; default listening port: enabled

正解：A 解答を投票する

出題：3

Which two factors should be considered when establishing a polling interval? (Select two.)

A. After the pilot deployment, polling intervals should be decreased to avoid overloading the server.

B. Increase the polling interval as large numbers of systems that poll too frequently can fill the database.

C. The polling intervals should be decreased for large scale deployments to improve the performance of report generation.

D. High risk systems require fast reaction time and should be set to poll more often.

E. Many agents require fewer policy or configuration changes so it is unnecessary to check as frequently.

正解：D,E 解答を投票する

出題：4

Which event category on the Monitors page would indicate a process assignment issue on an agent?

A. Prevention

B. Management

C. Detection

D. Profile

正解：A 解答を投票する

出題：5

In which two instances is disabling log consolidation recommended? (Select two.)

A. When log rotation is enabled on the agent system

B. To see all prevention events in real-time

C. When third party solutions are unable to process the aggregated events correctly

D. To provide easier detection of threats during an outbreak

E. To see all detection events in real-time

正解：B,C 解答を投票する

出題：6

Which systems require real-time notification?

A. Systems whose policy and configuration are subject to compliance requirements

B. Systems that rely on the polling interval to update the agent

C. Systems whose policy and configuration are relatively stable and that are consistent within the deployment

D. Systems whose policy and configuration are relatively stable, but need a fast reaction time to infrequent policy or configuration changes

正解：D 解答を投票する

出題：7

An administrator stops the SISIPSService service.
How will this impact the agent?

A. The intrusion protection service is immediately stopped

B. Agent-manager communication is stopped

C. The intrusion protection service is stopped after reboot

D. The agent can still communicate with the manager, but logs will fail to be uploaded

正解：B 解答を投票する

出題：8

Which format is used to store real-time events on the agent?

A. .TXT

B. .CSV

C. .ZIP

D. .LOG

正解：B 解答を投票する

出題：9

What is an available action within the agent diagnostics policy?

A. Allow the current user to override the applied prevention policy

B. Install a new agent certificate

C. Enable the use of Event Viewer on the agent

D. Restart the IPS Service

正解：D 解答を投票する

出題：10

Which encryption mechanism is used to secure communication between the management server and agent?

A. SSL

B. LUA

C. IPSEC

D. SHA-256

正解：B 解答を投票する

250-505試験無料問題集「Symantec Administration of Symantec Data Center Security: Server Advanced 認定」