Which appliance provides advanced event correlation, event analysis and investigation, options for remediation and even, storage?
A. ArcSight Connector Appliance
B. ArcSight Network Configuration Manager/Threat Response Manager
C. ArcSight Logger Appliance
D. ArcSight Express
What is the purpose of the ArcSight ESM?
A. Enables a security bus that allows devices to communicate
B. Enables situational awareness and visibility of the security risks across an organization
C. Enables security device management using a common browser-based Management Console
D. Enables security integration between disparate devices
Which resource used in the Workflow phase in the event lifecycle, .tracks either individual events or multiple related events?
A. Reports
B. Stages
C. Query viewers
D. Cases
What is the extension used to deliver and install CIPs?
A. aup
B. cab
C. cip
D. arb
What is the main purpose of using Identity View within an ESM environment?
A. To correlate identity information maintained by the Identity Management System with events generated m the network
B. To model network architecture within the ESM environment to perform advanced correlation on Asset and User events
C. To extract user and asset information from events in a logger environment to perform correlation analysis on them
D. To forward LDAP and active directory events to ESM Server
Which statement describes a CIP?
A. A collection of packages to interface ArcSight products with ticket management systems
B. A suite of ArcSight resources focusing on system performance issues
C. A product that scales easily to manage extreme machine data across IT
D. A collection of ArcSight resources to monitor IT assets, based on regulatory requirements
What is the output of the Data Collection and Event Processing phase?
A. Correlation events
B. Base events
C. Filtered events
D. Raw events
Which security product features are offered in ArcSight Express? (Select two)
A. SRL authentication support
B. Connector management
C. First I tool Wizard
D. Support for FIPS
E. Connector appliance functionality
Which statement is correct?
A. ArcSight Logger event schema is different from the ESM event schema
B. ArcSight Logger receives events from Connectors rather than from raw events
C. ArcSight Logger cannot compress data.
D. ArcSight Logger must be used together with an ArcSight ESM
The normalization process occurs at which event lifecycle phase?
A. Reporting and incident analysis
B. Monitoring and investigation
C. Priority evaluation and network model lookup
D. Data collection and event processing
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your HP0-A100 exam preparations and HP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.