HP0-A100 Online Practice Questions and Answers

Which feature of Arc Sight Smart Connectors reduces the quantity of events sent to the ESM Manager?

A. Normalization

B. Host name lookup

C. Categorization

D. Aggregation

Which database management system technology is utilized by the Arc Sight ESM 6.5c?

A. DB2

B. CORR-Engine

C. SQL Server Express Edition

D. Oracle 10g

Which event lifecycle phase discovers the relationships between events, infers the significance of those relationships, prioritizes them, and provides a framework to take action?

A. Correlation evaluation

B. Priority evaluation and network model lookup

C. Workflow

D. Data collection and event processing

Which statement describes a CIP?

A. A collection of packages to interface ArcSight products with ticket management systems

B. A suite of ArcSight resources focusing on system performance issues

C. A product that scales easily to manage extreme machine data across IT

D. A collection of ArcSight resources to monitor IT assets, based on regulatory requirements

What is the extension used to deliver and install CIPs?

A. aup

B. cab

C. cip

D. arb

What is the main purpose of using Identity View within an ESM environment?

A. To correlate identity information maintained by the Identity Management System with events generated m the network

B. To model network architecture within the ESM environment to perform advanced correlation on Asset and User events

C. To extract user and asset information from events in a logger environment to perform correlation analysis on them

D. To forward LDAP and active directory events to ESM Server

What is the main purpose of the ArcSight ESM Query Viewer resource?

A. To view both SQL queries and reports in a dashboard

B. To view quick, high-level summaries of security events

C. To get low-level detailed event activities

D. To view and edit the underlying SOL queries

Which schema group contains the timestamp of the event and name of the event?

A. Source Event Schema

B. Category Event Schema

C. Agent Event Schema

D. Root Event Schema

What is IAM an acronym for?

A. Intrusion and Access Management

B. Identity and Access Management

C. Incident Account Management

D. Identity Account Management

What are functions of a Smart Connector? (Select two)

A. Collecting data from a source device

B. Parking and normalizing events

C. Long-term storage repository for events

D. Performing correlation evaluation

E. Discovering day-zero attacks