HP0-A100 - HP ArcSight Security Solutions

Go back to HP

Example Questions

What is CIP an acronym for? Which component performs the data collection and normalization? What is the major benefit of ArcSight Logger? Which ESM component does the Event Priority Evaluation and Asset Model look up? Which schema group contains the timestamp of the event and name of the event? How does the ArcSight ESM Manager display statistical views of the data on your network? Which appliance provides advanced event correlation, event analysis and investigation, options for remediation and even, storage? Which event lifecycle phase discovers the relationships between events, infers the significance of those relationships, prioritizes them, and provides a framework to take action? Which type of ESM resources are imported from an external Identity Management System by using IdentityView? Which HP Enterprise Security Product analyzes and correlates every event that occurs across the organization to deliver accurate prioritization of security risks and compliance violations? How many ESM event schema groups are there? What is an ArcSight Logger architecture component? The ArcSight ESM collects, normalizes, aggregates, and filters millions of what? What is a purpose of Smart Connectors? What is an example of a CIP package used for compliance? The ArcSight ESM uses which component to gather events? What is a function of a Connector Appliance? The normalization process occurs at which event lifecycle phase? What is the main purpose of the ArcSight ESM Query Viewer resource? What does Arc Sight Identity View integrate? How does a CIP help an organization? (Select two.) What is the main purpose of using Identity View within an ESM environment? What does the ArcSight ESM prioritize? What is a reporting enhancement in ArcSight Express release 4.0? What is the output of the Data Collection and Event Processing phase? What are the features that allow you to use Arc Sight Logger throughout your network? What is the most important reason or benefit for customers to use ArcSight ESM? Which database management system technology is utilized by the Arc Sight ESM 6.5c? How are CIPs licensed? Which component performs event aggregation? What is the name of the process that parses raw events and stores them into the corresponding data fields in the ESM event schema? What is IAM an acronym for? Which feature of Arc Sight Smart Connectors reduces the quantity of events sent to the ESM Manager? For its correlation and automated event analysis capabilities, which ESM component is considered the brain of the HP ArcSight SIEM platform? Which statement is correct? In which phase are functions from the ESM Console (such as NS lookup, Ping, Port info, Trace route and who is) performed? Which task is performed by the manager during the Priority Evaluation and Network Model Lookup phase? Which resource used in the Workflow phase in the event lifecycle, .tracks either individual events or multiple related events? What is a major benefit of using ArcSight ESM? Which Arc Sight solution delivers Arc Sight content to add specific compliance or standard requirements such as PCI and Sarbanes-Oxley (SOX)? Which statement is true about Arc Sight Identity View? What is the main purpose of the ArcSight ESM? Which statement describes a CIP? In which ESM event schema group can the Priority field with a value from 0 to 10 (calculated using ArcSight proprietary Threat Level Formula) be found? What is the major benefit of using ArcSight Connector Appliance? Which security product features are offered in ArcSight Express? (Select two) Which function is performed by the ArcSight ESM Manager? What is the primary feature of Connector Appliance? Which type of ESM resources is able to create correlation events? What are three resources used in the Correlation phase of the event lifecycle?