1. Home
  2. HP
  3. HP0-A116

HP ArcSight ESM Security Administrator and Analyst

Exam Details

  • Exam Code
    :HP0-A116
  • Exam Name
    :HP ArcSight ESM Security Administrator and Analyst
  • Certification
    :HP ATP - ArcSight Security V1
  • Vendor
    :HP
  • Total Questions
    :179 Q&As
  • Last Updated
    :

HP HP ATP - ArcSight Security V1 HP0-A116 Questions & Answers

  • Question 81:

    You want your Active Channel to automatically display new events as they arrive at ESM. Which time parameter should you use to accomplish this?

    A. Evaluate Once at Attach Time

    B. Evaluate $NOW-1h

    C. Continuously Evaluate

    D. Evaluate Continuously from Attach Time

  • Question 82:

    Which statement is true about ArcSight Database structures?

    A. Data tablespaces typically use more disk space than indices.

    B. Indices typically use more disk space than data tablespaces.

    C. There is no appreciable difference between index and data tablespaces.

    D. The system data tablespace is always much larger than the event data tablespace.

  • Question 83:

    Which component determines how a report looks when it is generated?

    A. Query

    B. Layout

    C. Form

    D. Template

  • Question 84:

    One of the benefits of SSL technology is authentication. What does authentication do?

    A. validates client logins using advanced identity detection technology

    B. encrypts information sent between clients and servers

    C. adds a hashing algorithm to prevent data modification between client and server

    D. ensures that clients send information to the actual intended server, not a machine pretending to be that server

  • Question 85:

    What are valid actions for a rule to take? (Select two.)

    A. send notification

    B. execute command

    C. generate report

    D. add to filter

  • Question 86:

    There are 17 event field groups defined in the ArcSight Event Schema. In which group would you look for data fields describing an event's importance as assessed by ArcSight ESM?

    A. Category

    B. Threat

    C. Attacker

    D. Event

  • Question 87:

    During Connector install, which statement is true about the ArcSight Manager's host name or IP address?

    A. It must match the host name or IP address in the ArcSight Manager's SSL certificate.

    B. The host name or IP address is used as an encryption key.

    C. It can be any legitimate host name or IP address.

    D. It must contain a combination of alpha-numeric characters.

  • Question 88:

    Preserve Raw Events, Turbo Mode, and Limit Event Processing Rate are all examples of which type of Connector options?

    A. Processing options

    B. Aggregation options

    C. Filter conditions

    D. Preservation options

  • Question 89:

    Which tablespace is used by ArcSight to store resources?

    A. ARC_EVENT_DATA

    B. ARC_SYSTEM_INDEX

    C. ARC_SYSTEM_DATA

    D. ARC_EVENT_INDEX

  • Question 90:

    Which functions are on the right-click menu for an event? (Select two.)

    A. Correlate Events

    B. Show Event Details

    C. Annotate Events

    D. Prioritize Events

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your HP0-A116 exam preparations and HP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.