Which processes occur in the first phase of the event lifecycle? (Select two.)
A. evaluating event data
B. applying event categories
C. applying hashing to event data
D. correlating event data
E. normalizing event data
Command Center Event Search consists of which search syntax methods?
A. SQL query, regular expression, and complex expression search
B. field-query search, simple query search, and complex expression search
C. full-field search, Boolean search, and regular expression search
D. field-based search, full-text search, and regular expression
What is the name of the resource you can use to override the default ArcSight mapping of IP addresses to geographic regions?
A. zones
B. destinations
C. locations
D. categories
Which file types MUST be included in an Oracle backup? (Select two.)
A. table files
B. data files
C. program files
D. configuration files
What is a bundle?
A. a set of resources that makes up a package
B. a data transmission containing SSL information
C. a set of raw log events before they are parsed
D. a container for one or more packages
Which command is used to add a secondary destination to a Connector's configuration?
A. arcsight destinations -n
B. arcsight connectorsetup -w
C. arcsight connectionwizard
D. arcsight connector -d
What are valid actions for a rule to take? (Select two.)
A. generating a report
B. executing a command
C. sending a notification
D. creating a vulnerability
E. adding a condition to a filter
What is the primary function of the ArcSight Manager?
A. It accepts correlated, prioritized events from SmartConnectors with instructions from the ArcSight Console, and writes events to the database.
B. It manages bottlenecks between the connectors, the ArcSight Console, and the ESM Database.
C. It writes incoming events to the database while simultaneously processing events through the Correlation engine.
D. It restores the rule definitions that drive the functioning of ArcSight ESM.
Which statements are true about Active Lists? (Select two.)
A. They can store data over longer periods of time than rules or Data Monitors.
B. They can incur processing overhead if not properly scheduled.
C. They always include start time and end time fields.
D. They can be manually populated using the right-click context menu.
E. They can neither be exported nor imported.
Which statement best describes how baselines are established and used in Query Viewers?
A. Baselines are created using query results, which are fed into the Image Editor for filtering and display in the related Data Monitor.
B. Baselines are created using rules. After the rule is triggered, the resulting action establishes a baseline against which future rules are evaluated in the Query Viewer.
C. Baselines are created using query results. When a query has one or more baselines available, you can compare the current results with a baseline.
D. Baselines are created using query results. The baseline from the query is used to create a new field set definition that can be run against future events.