HP0-A100 Online Practice Questions and Answers

What is a major benefit of using ArcSight ESM?

A. Collecting row data and archive

B. Real time threat detection

C. Detecting software ending flaws

D. Encrypting raw event data

Which HP Enterprise Security Product analyzes and correlates every event that occurs across the organization to deliver accurate prioritization of security risks and compliance violations?

A. Smart Connector

B. Connector Appliance

C. Logger

D. Enterprise Security Manager

Which ESM component does the Event Priority Evaluation and Asset Model look up?

A. ESM console

B. CORR engine

C. Smart Connectors

D. ESM manager

In which phase are functions from the ESM Console (such as NS lookup, Ping, Port info, Trace route and who is) performed?

A. Workflow

B. Analysis

C. Trending

D. Correlation

What is the major benefit of using ArcSight Connector Appliance?

A. Ability to detect common patterns on your network

B. Ability to configure, monitors, tune, and update Smart Connectors

C. Ability to perform correlation on raw data

D. Long-term storage of data

Which statement is correct?

A. ArcSight Logger event schema is different from the ESM event schema

B. ArcSight Logger receives events from Connectors rather than from raw events

C. ArcSight Logger cannot compress data.

D. ArcSight Logger must be used together with an ArcSight ESM

Which event lifecycle phase discovers the relationships between events, infers the significance of those relationships, prioritizes them, and provides a framework to take action?

A. Correlation evaluation

B. Priority evaluation and network model lookup

C. Workflow

D. Data collection and event processing

Which resource used in the Workflow phase in the event lifecycle, .tracks either individual events or multiple related events?

A. Reports

B. Stages

C. Query viewers

D. Cases