HP0-A100 Online Practice Questions and Answers

Which component performs the data collection and normalization?

A. Data monitors

B. FSM manager

C. Smart Connectors

D. Correlation engine

Which database management system technology is utilized by the Arc Sight ESM 6.5c?

A. DB2

B. CORR-Engine

C. SQL Server Express Edition

D. Oracle 10g

What is an example of a CIP package used for compliance?

A. DOD

B. NSA

C. PCI

D. MOD

In which ESM event schema group can the Priority field with a value from 0 to 10 (calculated using ArcSight proprietary Threat Level Formula) be found?

A. Flex

B. Threat

C. Attacker

D. Root

The normalization process occurs at which event lifecycle phase?

A. Reporting and incident analysis

B. Monitoring and investigation

C. Priority evaluation and network model lookup

D. Data collection and event processing

Which statement describes a CIP?

A. A collection of packages to interface ArcSight products with ticket management systems

B. A suite of ArcSight resources focusing on system performance issues

C. A product that scales easily to manage extreme machine data across IT

D. A collection of ArcSight resources to monitor IT assets, based on regulatory requirements

Which type of ESM resources are imported from an external Identity Management System by using IdentityView?

A. Actors

B. Asset Categories

C. Users

D. Customers

What is the name of the process that parses raw events and stores them into the corresponding data fields in the ESM event schema?

A. Batching

B. Aggregation

C. Normalization

D. Filtering

What are functions of a Smart Connector? (Select two)

A. Collecting data from a source device

B. Parking and normalizing events

C. Long-term storage repository for events

D. Performing correlation evaluation

E. Discovering day-zero attacks

Which component is customer-built?

A. Nodes

B. Adapters

C. Flex Connectors

D. Collectors