- All Exams Instant Download
To create a custom feed, initiate the action by selecting which top-level module?
To create a custom feed, initiate the action by selecting which top-level module?A . InvestigateB . AdminC . MonitorD . ConfigureView AnswerAnswer: D
In RSA NetWitness. viewing text or image data associated with a session is accessed through a
In RSA NetWitness. viewing text or image data associated with a session is accessed through aA . packet level drillB . meta value viewC . session reconstruction viewD . decoder analysis viewView AnswerAnswer: C
Parsers can be enabled on which of the following?
Parsers can be enabled on which of the following?A . Packet Decoder onlyB . Packet Decoder and Log DecoderC . Packet Decoder and Log Decoder and ConcentratorD . Packet Decoder and Log Decoder and Concentrator and BrokerView AnswerAnswer: B
When storage on the core devices fills to capacity, what happens?
When storage on the core devices fills to capacity, what happens?A . new traffic cannot be ingestedB . the decoder leverages capacity in the concentrator, and collection continuesC . the decoder leverages capacity in the broker, and collection continuesD . the oldest stored sessions are deleted and collection continuesView AnswerAnswer:...
What are three important things to configure on a Log Decoder'?
What are three important things to configure on a Log Decoder'?A . Capture Auto-Start. Service Parsers, Capture InterfaceB . Capture Settings. Aggregation Auto-Start. Profile settingsC . Investigation Settings. Capture Settings. Service ParsersD . Aggregation Auto-Start. Capture Settings. Investigation SettingsView AnswerAnswer: A
Which RSA NetWitness component captures and parses data off the wire?
Which RSA NetWitness component captures and parses data off the wire?A . Packet DecoderB . BrokerC . ConcentratorD . Log DecoderView AnswerAnswer: A
What are the two basic operations you might perform to make use of a Live resource?
What are the two basic operations you might perform to make use of a Live resource?A . move and copyB . download and enableC . save and applyD . subscribe and deployView AnswerAnswer: D
You can configure replication for log data by setting up a remote collector and creating
You can configure replication for log data by setting up a remote collector and creatingA . a Virtual Log CollectorB . a lockboxC . host groupsD . destination groupsView AnswerAnswer: D
To report on matches in the NWDB against a series of fixed values, include which feature in your report definition?
To report on matches in the NWDB against a series of fixed values, include which feature in your report definition?A . An Application RuleB . A ListC . An Enrichment SourceD . A SubscriptionView AnswerAnswer: B
Administrators can use the Profile feature to limit views with (Choose three)
Administrators can use the Profile feature to limit views with (Choose three)A . Meta groupsB . Custom column groupsC . Assigned pre-queriesD . Automated role assignmentE . Data privacy policiesF . List viewView AnswerAnswer: A,B,C
