HP0-A116 Online Practice Questions and Answers

The Packages view in the ArcSight Console Navigator provides access to all discrete resources that are part of a package in a single view. The dependency view toggle in the Package tree header shows required packages, which are packages on which other packages depend. What is the visual indicator of this dependency?

A. The package name is underlined.

B. The package name is shown in hold font.

C. The package icon contains a red asterisk.

D. The package icon is highlighted in yellow.

When specifying the attributes of a new Active List, you can set TTL days, hours, and minutes. What is TTL?

A. Total Time Lag

B. Time Threshold Lag

C. Time To Live

D. Total Time Left

During your ESM installation and configuration, none of the Foundation Packages were selected in the Configuration Wizard. What should you do to install the Foundation Packages?

A. Manually upload the Foundation Packages to ESM using .arb files exported from another ESM instance

B. Reapply the ESM product license from Arc Sight Command Center to install the the Foundation Packages

C. Rerun the Configuration Wizard using Manager setup and select the Foundation Packages to install

D. Install the Foundation Packages from the ArcSight Console Resource Navigator right- click menus

Which TCP/IP port is the default when a web browser is used to connect to the ArcSight Command Center?

A. 443

B. 6443

C. 9443

D. 8443

One of the benefits of SSL technology is authentication. What does authentication do?

A. validates client logins using advanced identity detection technology

B. encrypts information sent between clients and servers

C. adds a hashing algorithm to prevent data modification between client and server

D. ensures that clients send information to the actual intended server, not a machine pretending to be that server

Active Channel views and Dashboard views are examples of Viewer Panel views. Which other views are associated with the Viewer Panel? (Select two.)

A. Asset views

B. Resource views

C. Combined views

D. Simple views

E. Results views

Asset categories can be assigned to zones as well as assets. What happens to the assets that belong to a zone with a category of "Critical"?

A. All assets in the zone inherit the zone's category.

B. Nothing happens. Assets in the zone maintain their own individual category identities.

C. Assets with a category that matches the zone category are grouped into a "Critical" asset group.

D. Assets in the zone inherit the zone's category and are grouped into a "Critical" asset group.

What are capabilities of the ArcSight Manager? (Select two.)

A. receives event data from SmartConnectors

B. normalizes events from devices

C. performs advanced event correlation and analysis

D. allows users to perform security monitoring through a built-in web interface

How are baselines established and used in Query Viewers?

A. Baselines are created using rules. After the rule is triggered, the resulting action establishes a baseline against which future rules are evaluated in the Query Viewer.

B. Baselines are created using query results. The baseline from the query is used to create a new field set definition that can be run against future events.

C. Baselines are created using query results. When a query has one or more baselines available, you can compare the current results with the baseline.

D. Baselines are created using query results and fed into the Image Editor for the related Data Monitor.

Which statement is true about a join rule?

A. It is triggered by events that match a single set of conditions.

B. It matches the output of more than one simple rule to an Active List.

C. It recognizes patterns that involve more than one type of event.

D. It rejects partial matches but can be set for aggregation.

Which statement best describes how baselines are established and used in Query Viewers?

A. Baselines are created using query results, which are fed into the Image Editor for filtering and display in the related Data Monitor.

B. Baselines are created using rules. After the rule is triggered, the resulting action establishes a baseline against which future rules are evaluated in the Query Viewer.

C. Baselines are created using query results. When a query has one or more baselines available, you can compare the current results with a baseline.

D. Baselines are created using query results. The baseline from the query is used to create a new field set definition that can be run against future events.

What are valid actions for a rule to take? (Select two.)

A. generating a report

B. executing a command

C. sending a notification

D. Creating a vulnerability

E. adding a condition to a filter

Which ArcSight ESM Resource enables you to perform live monitoring of events?

A. Cases

B. Active Channels

C. Stages

D. Knowledge Base

Which command is used to check the status of the TNS Listener?

A. lsnrctl status

B. listener status

C. tnsstat

D. oralistener status

How can you restore a new ArcSight Web installation to a previous configuration?

A. copy the old ArcSight Web installation's config directory and cacerts file into the new installation

B. copy the ArcSight Manager's config directory into the new installation

C. manually reconfigure the new installation

D. connect to the Manager and download the saved configuration