HP0-A116 - HP ArcSight ESM 6.5 Security Administrator and Analyst

Go back to HP

Example Questions

The Packages view in the ArcSight Console Navigator provides access to all discrete resources that are part of a package in a single view. The dependency view toggle in the Package tree header shows required packages, which are packages on which other packages depend. What is the visual indicator of this dependency? Which functions does a non-event based Data Monitor perform? Which ArcSight resource objects do Field Sets correspond to? Why is it sometimes necessary to lock a Case? Which statements are true about results in Query Viewers? (Select two.) When is it useful to schedule rules rather than have them run in real time? Command Center Event Search consists of which search syntax methods? How do asset categorization and event categorization relate to each other? Which statement best describes how baselines are established and used in Query Viewers? By default, which TCP/IP port is used by ArcSight Command Center to communicate with a web browser client? You want your Active Channel to automatically display new events as they arrive at ESM. Which time parameter you use to accomplish this? Which statement is true about the ArcSight Web interface? Which procedure allows you to terminate a session within a Session List? (Select two) Which ArcStght Console user settings can be changed in the Preferences Editor? What is the effect of the constraints used in an event search query? ESM components fail to consistently restart after a system reboot and require individual intervention with repeated arcsight_services component restart commands. Which log file offers troubleshooting information that will help resolve this issue? Which authenticators are configurable by ArcSight Command Center? What can you use to change the stage of a Case? Which access type is provided with ESM Access Control Lists? Which ArcSight ESM user type provides full privileges to use the Command Center, the ArcSight Console, the Arcsight Web client, and all tools? What are the three general types of Data Monitors? Which processes occur in the first phase of the event lifecycle? (Select two.) Report run start time, output format for report results, email distribution for report results, and report filters are all examples of what? Using ESM 6.5 ArcSight Command Center, which drill down type is available? How are ESM Global Variables created? What Is the ArcSight Event Schema? During your ESM installation and configuration, none of the Foundation Packages were selected in the Configuration Wizard. What should you do to install the Foundation Packages? Where are the resource settings located that determine ArcSight ESM User Password Policy? If a username and password are used for authenticating a remote peer, when would you need to use those credentials a second time? What is the procedure to reset all ArcSight Console preferences back to default? What do the start and end times associated with a notification destination indicate? Which TCP/IP port is the default when a web browser is used to connect to the ArcSight Command Center? Which statements are true about Session Lists? (Select two) What are functions of Query-Viewers? (Select two.) What are the three major display components of an Active Channel in the Viewer Panel? What is the "focus" of a Focus report? Which statements are true about escalation levels? (Select two.) Which pairs of resources can be displayed in the ArcSight Web interface? (Select two.) What are valid actions for a rule to take? (Select two.) Which ArcSight Solution works as a GPS for privileged user activity that identifies unusual hehavior? Which functions are on the right-click menu for an event in the ConsoleViewer panel? (Select two.) What is the impact of checking Auto Update on the Search Results header, and selecting a time of 2 minutes? During which process is the first user created for access to ESM? Which host user should own the .tararchive from which the ArcSight ESM Suite bin file containing ESM components, and installation and configuration wizards is extracted? Which component determines how a report looks when it is generated? Which statements are true about Active Lists? (Select two.) From where are the local ArcSight Console Preference Settings accessed? Active Channel views and Dashboard views are examples of ArcSight Console Viewer Panel views. Which other views are associated with the Viewer Panel? (Select two) Of the 17 event field groups defined in the ArcSight Event Schema, in which group can data fields describing an event's importance as assessed by ArcSight ESM be found? Under which circumstances does a Connector use its cache? (Select two.)