To create a custom feed, initiate the action by selecting which top-level module?A . InvestigateB . AdminC . MonitorD . Configure View Answer Answer: D...
In RSA NetWitness. viewing text or image data associated with a session is accessed through a
In RSA NetWitness. viewing text or image data associated with a session is accessed through aA . packet level drillB . meta value viewC . session reconstruction viewD . decoder analysis view View Answer Answer: C...
Parsers can be enabled on which of the following?
Parsers can be enabled on which of the following?A . Packet Decoder onlyB . Packet Decoder and Log DecoderC . Packet Decoder and Log Decoder and ConcentratorD . Packet Decoder and Log Decoder and Concentrator and Broker View Answer Answer: B...
When storage on the core devices fills to capacity, what happens?
When storage on the core devices fills to capacity, what happens?A . new traffic cannot be ingestedB . the decoder leverages capacity in the concentrator, and collection continuesC . the decoder leverages capacity in the broker, and collection continuesD . the oldest stored sessions are deleted and collection continues View Answer Answer: D...
What are three important things to configure on a Log Decoder’?
What are three important things to configure on a Log Decoder’?A . Capture Auto-Start. Service Parsers, Capture InterfaceB . Capture Settings. Aggregation Auto-Start. Profile settingsC . Investigation Settings. Capture Settings. Service ParsersD . Aggregation Auto-Start. Capture Settings. Investigation Settings View Answer Answer: A...
Which RSA NetWitness component captures and parses data off the wire?
Which RSA NetWitness component captures and parses data off the wire?A . Packet DecoderB . BrokerC . ConcentratorD . Log Decoder View Answer Answer: A...
What are the two basic operations you might perform to make use of a Live resource?
What are the two basic operations you might perform to make use of a Live resource?A . move and copyB . download and enableC . save and applyD . subscribe and deploy View Answer Answer: D...
You can configure replication for log data by setting up a remote collector and creating
You can configure replication for log data by setting up a remote collector and creatingA . a Virtual Log CollectorB . a lockboxC . host groupsD . destination groups View Answer Answer: D...
To report on matches in the NWDB against a series of fixed values, include which feature in your report definition?
To report on matches in the NWDB against a series of fixed values, include which feature in your report definition?A . An Application RuleB . A ListC . An Enrichment SourceD . A Subscription View Answer Answer: B...
Administrators can use the Profile feature to limit views with (Choose three)
Administrators can use the Profile feature to limit views with (Choose three)A . Meta groupsB . Custom column groupsC . Assigned pre-queriesD . Automated role assignmentE . Data privacy policiesF . List view View Answer Answer: A,B,C...