HP0-A116 Exam Questions

What happens when a Connector upgrade that was initiated from within the ArcSight Console fails?

Which statement is true about the ArcSight Web Server?

Which ArcSight ESM Resource enables you to perform live monitoring of events?

Command Center Event Search consists of which search syntax methods?

How are baselines established and used in Query Viewers?

Report run start time, output format for report results, email distribution for report results, and report filters are all examples of what?

Which statement is true about ArcSight Database structures?

Which method is used to back up an Oracle database without shutting down the database?

One of the benefits of SSL technology is authentication. What does authentication do?

What is the name of the resource you can use to override the default ArcSight mapping IP addresses to geographic regions?

What are functions of Query Viewers? (Select two.)

Which statements are true about retention areas? (Select two.)

Using ESM 6.5 ArcSight Command Center, which drill down type is available?

What can you use to change the stage of a Case?

What is stored in a database partition?

Which tools are used to view events in ArcSight ESM? (Select two.)

During Connector install, which statement is true about the ArcSight Manager's host name or IP address?

Why would you lock a Case?

Which key pair types are valid selections when using the Manager Setup Wizard to create an SSL key pair? (Select two.)

Which statement best describes how baselines are established and used in Query Viewers?

Which ArcSight Solution works as a GPS for privileged user activity that identifies unusual hehavior?

Report run start time, output format for report results, email distribution for report results, and report filters are all examples of what?

Which functions does a non-event based Data Monitor perform?

What is an example of an event-based Data Monitor?

How can you restore a new ArcSight Web installation to a previous configuration?

What do field sets correspond to?

Which statements are true about SmartConnectors and batching? (Select two.)

Which statementis considered best practice for ESM Content Management?

What are ArcSight Foundations?

What is the name of the resource you can use to override the default ArcSight mapping of IP addresses to geographic regions?

What is a Network Model?

What is the "focus" of a Focus report?

What is the primary function of the ArcSight Manager?

How do asset categorization and event categorization relate to each other?

Which authenticators are configurable by ArcSight Command Center?

Which are clients of the ArcSight Manager? (Select two.)

ArcSight SmartConnectors send event data directly to what?

Which string function is used to join two data fields?

What is a function of the Variable GetSessionData?

What is the procedure to reset all ArcSight Console preferences back to default?

Which command should you use to configure notification acknowledgements after the initial configuration of ArcSight ESM?

How are ESM Global Variables created?

When is it useful to schedule rules rather than have them run in real time?

Active Channel views and Dashboard views are examples of ArcSight Console Viewer Panel views. Which other views are associated with the Viewer Panel? (Select two)

What is the impact of checking Auto Update on the Search Results header, and selecting a time of 2 minutes?

Which statements are true about Active Lists? (Select two.)

You want your Active Channel to automatically display new events as they arrive at ESM. Which time parameter should you use to accomplish this?

What represents the current status in the investigation of a Case?

What does the ArcSight Manager use to automatically establish identity, ownership, and criticality of the assets installed on a network?

What are valid actions for a rule to take? (Select two.)