050-11-CARSANWLN01 Dumps

050-11-CARSANWLN01 Braindumps 050-11-CARSANWLN01 Real Questions 050-11-CARSANWLN01 Practice Test

050-11-CARSANWLN01 Actual Questions


killexams.com


RSA


050-11-CARSANWLN01


RSA NetWitness Logs & Network Administrator


https://killexams.com/pass4sure/exam-detail/050-11-CARSANWLN01


Question: 11


To add an action to the right-click menu in the Investigation Ul. create a


  1. Right-click action

  2. Profile

  3. Context Hub List

  4. Context Menu Action


Answer: D Question: 12

Parsers can be enabled on which of the following?


  1. Packet Decoder only

  2. Packet Decoder and Log Decoder

  3. Packet Decoder and Log Decoder and Concentrator

  4. Packet Decoder and Log Decoder and Concentrator and Broker


Answer: B Question: 13

Which of the following choices describes a fundamental unit of network traffic transmitted from one IP device to another?


  1. Packet

  2. Chart

  3. Session

  4. Schedule


Answer: A Question: 14

What are the data sources available in RSA NetWitness when creating a Reporting Engine rule?


  1. Short, Long, Truncated

  2. IPDB, ODBC, FileReader

  3. Broker, Concentrator, Decoder

  4. NetWitness DB, Warehouse DB, Respond DB

Answer: D Question: 15

Which of the following rule types relies on two or more events occurring within a specified window of time?


  1. Network Rule

  2. Application Rule

  3. Correlation Rule

  4. BPF Filter Rule


Answer: C Question: 16

What are the two basic operations you might perform to make use of a Live resource?


  1. move and copy

  2. download and enable

  3. save and apply

  4. subscribe and deploy


Answer: D Question: 17

Service Groups are used primarily for


  1. grouping metadata from specified hosts

  2. deploying Live resources to specified services

  3. grouping hosts for batch configuration

  4. grouping hosts for monitoring performance in the Health and Wellness view


Answer: B Question: 18

The NetWitness Trust Model is based on


  1. User ID

  2. User Role

  3. IP address

  4. Hardware address


Answer: B Question: 19

What are three important things to configure on a Log Decoder'?


  1. Capture Auto-Start. Service Parsers, Capture Interface

  2. Capture Settings. Aggregation Auto-Start. Profile settings

  3. Investigation Settings. Capture Settings. Service Parsers

  4. Aggregation Auto-Start. Capture Settings. Investigation Settings


Answer: A Question: 20

Where do you define dynamic charts for real-time display in Dashboards?


  1. Default Dashboard

  2. MONITOR > Reports > Manage > Charts

  3. MONITOR > Reports > Charts > View

  4. CONFIGURE > ESA Rules


Answer: B