1. Home
  2. HP
  3. HP0-A116

HP ArcSight ESM Security Administrator and Analyst

Exam Details

  • Exam Code
    :HP0-A116
  • Exam Name
    :HP ArcSight ESM Security Administrator and Analyst
  • Certification
    :HP ATP - ArcSight Security V1
  • Vendor
    :HP
  • Total Questions
    :179 Q&As
  • Last Updated
    :Mar 24, 2025

HP HP ATP - ArcSight Security V1 HP0-A116 Questions & Answers

  • Question 151:

    What is an example of an event-based Data Monitor?

    A. moving average

    B. rules partial match

    C. last n events

    D. session reconciliation

  • Question 152:

    How do asset categorization and event categorization relate to each other?

    A. Asset categorization requires custom FlexConnectors; event categorization uses standard Smartconnectors.

    B. Asset categorization and event categorization are the same.

    C. Asset categorization is the fingerprint of an asset; event categorization is a set of criteria that describes an event.

    D. Asset categorization and event categorization use the same field set to apply categories to assets and events

  • Question 153:

    Which ArcSight Solution works as a GPS for privileged user activity that identifies unusual hehavior?

    A. ThreatDetector

    B. Pattern Discovery

    C. IdentityView

    D. ldentityCorrelation

  • Question 154:

    Active Channel views and Dashboard views are examples of ArcSight Console Viewer Panel views. Which other views are associated with the Viewer Panel? (Select two)

    A. Simple views

    B. Asset views

    C. Results views

    D. Resource views

    E. Combined views

  • Question 155:

    What can ArcSight ESM Dashboards display?

    A. multiple Data Monitors

    B. multiple Cases

    C. multiple Stages

    D. multiple Reports

  • Question 156:

    ESM components fail to consistently restart after a system reboot and require individual intervention with repeated arcsight_services component restart commands. Which log file offers troubleshooting information that will help resolve this issue?

    A. monit.log

    B. server.log

    C. arcsight_services.log

    D. server.status.log

  • Question 157:

    How are ESM Global Variables created?

    A. from within the Manager's server.properties file by using the System Global Variable link

    B. from the Fields and Global Variable tab in the Field SetResource or by promoting a Local Variable

    C. from the System Tools menu by using the Create System Global Variable option

    D. from the Local Variables tab of the Filter Resource and only by promoting a Local Variable

  • Question 158:

    Click the Exhibit button.

    Which type of diagram is shown in the exhibit?

    A. a geographic hierarchy map

    B. an event graph

    C. an image viewer map

    D. a query topology

  • Question 159:

    What is a function of the Variable GetSessionData?

    A. retrieves data fields from a Session List

    B. sends session details to the ArcSight Manager

    C. populates a Session List

    D. investigates session details in the audit log

  • Question 160:

    When specifying the attributes of a new Active List, you can set TTL days, hours, and minutes. What is TTL?

    A. Total Time Lag

    B. Time Threshold Lag

    C. Time To Live

    D. Total Time Left

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your HP0-A116 exam preparations and HP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.