Which option is true of the Packet Information portion of the Packet View screen?

A. provides a table view of events
B. allows you to download a PCAP formatted file of the session that triggered the event
C. displays packet data in a format based on TCP/IP layers
D. shows you the user that triggered the event

Which option is not a characteristic of dashboard widgets or Context Explorer?

A. Context Explorer is a tool used primarily by analysts looking for trends across varying periods of time.
B. Context Explorer can be added as a widget to a dashboard.
C. Widgets offer users an at-a-glance view of their environment.
D. Widgets are offered to all users, whereas Context Explorer is limited to a few roles.

FireSIGHT recommendations appear in which layer of the Policy Layers page?

A. Layer Summary
B. User Layers
C. Built-In Layers
D. FireSIGHT recommendations do not show up as a layer.

Which option is used to implement suppression in the Rule Management user interface?

A. Rule Category
B. Global
C. Source
D. Protocol

Context Explorer can be accessed by a subset of user roles. Which predefined user role is not valid for FireSIGHT event access?

A. Administrator
B. Intrusion Administrator
C. Security Analyst
D. Security Analyst (Read-Only)

Context Explorer can be accessed by a subset of user roles. Which predefined user role is valid for FireSIGHT event access?

A. Administrator
B. Intrusion Administrator
C. Maintenance User
D. Database Administrator

Which feature of the preprocessor configuration pages lets you quickly jump to a list of the rules associated with the preprocessor that you are configuring?

A. the rule group accordion
B. a filter bar
C. a link below the preprocessor heading
D. a button next to each preprocessor option that has a corresponding rule

What does packet latency thresholding measure?

A. the total elapsed time it takes to process a packet
B. the amount of time it takes for a rule to process
C. the amount of time it takes to process an event
D. the time span between a triggered event and when the packet is dropped

Which statement describes the meaning of a red health status icon?

A. A critical threshold has been exceeded.
B. At least one health module has failed.
C. A health policy has been disabled on a monitored device.
D. A warning threshold has been exceeded.

Which event source can have a default workflow configured?

A. user events
B. discovery events
C. server events
D. connection events