Report run start time, output format for report results, email distribution for report results, and report filters are all examples of what?
A. report parameters
B. report formats
C. report data sources
D. report attributes
Correct Answer: C
Which host user should own the .tar archive from which the ArcSight ESM Suite bin file, containing ESM components and installation and configuration wizards, is extracted?
A. any user with admin group privilege
B. root user
C. arcsight user
D. archive user
Correct Answer: B
Which pairs of resources can be displayed in the ArcSight Web interface? (Select two.)
A. Search Filters and Saved Searches
B. Queries and Cases
C. Reports and Dashboards
D. Notifications and Active Channels
E. Knowledge Base articles and Templates
Correct Answer: CE
During your ESM installation and configuration, none of the Foundation Packages were selected in the Configuration Wizard. What should you do to install the Foundation Packages?
A. Manually upload the Foundation Packages to ESM using .arb files exported from another ESM instance
B. Reapply the ESM product license from ArcSight Command Center to install the Foundation Packages
C. Rerun the Configuration Wizard using Manager setup and select the Foundation Packages to install
D. Install the Foundation Packages from the ArcSight Console Resource Navigator right-click menus
Correct Answer: D
What are functions of Query-Viewers? (Select two.)
A. displaying the Boolean logic and conditions linkage behind filters and rules criteria
B. providing a baseline analysis of events against which future queries can be compared
C. determining which devices are off-line at any given point in time by querying their status
D. providing a quick way to run SQL queries and identify trends without running reports
E. presenting detailed comparisons of report elements, not possible with reporting tools
Correct Answer: BD
QUESTION 6
By default, which TCP/IP port is used by ArcSight Command Center to communicate with a web browser client?
Correct Answer: C
QUESTION 7
Which four basic Event Search elements affect what is displayed in the Search results?
A. filter, constraints, time range, and field set
B. filter, constraints, time range, and row limit
C. filter, time range, variables, and field set
D. filter, time range, time zone, and field set
Correct Answer: A
QUESTION 8
Which access type is provided with ESM Access Control Lists?
A. Specific User read and write access to specific Resource Groups
B. Specific User Group read and write access to a specific Resource
C. Specific User Group read and write access to specific Resource Groups
D. Specific User read and write access to a specific Resource
Correct Answer: C
QUESTION 9
Which statements are true about results in Query Viewers? (Select two.)
A. Results can be displayed as tables or charts, and added to Dashboards.
B. Results can be used in event searches.
C. Results can be used to generate reports.
D. Results can be used as event filters.
E. Results can be forwarded as notifications.
Correct Answer: AC
QUESTION 10
What is the procedure to reset all ArcSight Console preferences back to default?
A. In “console.properties” file, locate and edit the line: set default=true.
B. Copy the “console.defaults.properties” file to overwrite the “console.properties” file.
C. Stop the Console, delete or rename the user.ast file, and restart the Console.
D. In the File menu, click on Preferences, and select “Set to Default”.
Correct Answer: B
QUESTION 11
Which processes occur in the first phase of the event lifecycle? (Select two.)
A. evaluating event data
B. applying event categories
C. applying hashing to event data
D. correlating event data
E. normalizing event data
Correct Answer: BE