050-SEPROSIEM-01 Dumps

050-SEPROSIEM-01 Braindumps 050-SEPROSIEM-01 Real Questions 050-SEPROSIEM-01 Practice Test

050-SEPROSIEM-01 Actual Questions

killexams.com

RSA

050-SEPROSIEM-01

RSA Certified SE Professional in Security Information and Event Management

https://killexams.com/pass4sure/exam-detail/050-SEPROSIEM-01

Device classes

apply to only active devices.
include multiple levels of sub-classes.
represent the status of devices and provide a framework for organizing the devices.
represent the general function of the devices and provide a framework for organizing the devices.

The Collector service

stores the log information in its raw format.
retrieves data according to requests and requirements for event viewing, reporting, queries, and alerts.
provides support for the Task Triage incident management and the Vulnerability and Assessment Management features.
interprets all incoming event data to discover new devices not currently being monitored and adds new devices to the list of monitored devices.

Events can be collected using which of the following services?

Syslog and Agentless Windows
Syslog, SNMP, File Reader, and ODBC
Syslog, SNMP, File Reader, ODBC, and Agentless Windows
Syslog, SNMP, File Reader, ODBC, Agentless Windows, SDEE, LEA and VMware Collector

Supported devices that require a service

do not need any additional configuration.
do not need to be added to the Manage Monitored Devices screen.
must be configured ahead of time and have the correct service installed to communicate with RSA enVision.
must be configured ahead of time and be set up in the EventSource Integrator to communicate with RSA enVision.

A device in active state has events that

Device classes

apply to only active devices.
include multiple levels of sub-classes.
represent the status of devices and provide a framework for organizing the devices.
represent the general function of the devices and provide a framework for organizing the devices.