New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo
  1. Home
  2. RSA
  3. NetWitness Platform
  4. 050-11-CARSANWLN01 - RSA NetWitness Logs & Network Administrator Exam

RSA 050-11-CARSANWLN01 RSA NetWitness Logs & Network Administrator Exam Exam Practice Test

Page: 1 / 7
Total 71 questions
Get 050-11-CARSANWLN01 Full Access Download 050-11-CARSANWLN01 PDF

RSA NetWitness Logs & Network Administrator Exam Questions and Answers

Question 1

The Context Hub runs as a service on which Host?

Options:

A.

Decoder

B.

Concentrator

C.

ESA

D.

Server

Question 2

To use RSA SecurlD as an authentication method for administrators, what must be configured?

Options:

A.

PAM

B.

CHAP

C.

RADIUS

D.

LDAP

Question 3

Application rules can be configured on

Options:

A.

Log Decoder

B.

Log Decoder and Packet Decoder

C.

Log Decoder, Packet Decoder, and Concentrator

D.

Log Decoder, Packet Decoder, Concentrator, and Broker

Question 4

What are the pre-configured roles in RSA NetWitness?

Options:

A.

EVENT_ANALYST, INTRUSION_ANALYST SOC-MANAGER, ADMIN, OPERATOR, RESPOND_ADMINlSTRATOR

B.

EVENT_STREAM_ANALYST WAREHOUSE_ANALYST, ARCHIVER_ANALYST, DB_ANALYST ADMINISTRATOR

C.

MALWARE_ANALYST, ESA_ANALYST, REPORT_ANALYST ADMINISTRATOR

D.

ADMINISTRATORS, OPERATORS, ANALYSTS SOC_MANAGERS, MALWARE_ANALYSTS, DATA_PRIVACY_OFFICERS, RESPOND ADMINISTRATOR

Question 5

If you choose "Stop Rule Processing" in your Application Rule definition, which of the following are action choices? (Choose three)

Options:

A.

Keep

B.

Filter

C.

Truncate

D.

Index

E.

Transient

F.

Remove

Question 6

What of the following components can be used to set up external authentication for RSA NetWitness?

Options:

A.

AAoP

B.

Broker

C.

Spectrum

D.

PAM

Question 7

What are three important things to configure on a Log Decoder'?

Options:

A.

Capture Auto-Start. Service Parsers, Capture Interface

B.

Capture Settings. Aggregation Auto-Start. Profile settings

C.

Investigation Settings. Capture Settings. Service Parsers

D.

Aggregation Auto-Start. Capture Settings. Investigation Settings

Question 8

To add an action to the right-click menu in the Investigation Ul. create a

Options:

A.

Right-click action

B.

Profile

C.

Context Hub List

D.

Context Menu Action

Question 9

Where do you define dynamic charts for real-time display in Dashboards?

Options:

A.

Default Dashboard

B.

MONITOR > Reports > Manage > Charts

C.

MONITOR > Reports > Charts > View

D.

CONFIGURE > ESA Rules

Question 10

Administrators can use the Profile feature to limit views with (Choose three)

Options:

A.

Meta groups

B.

Custom column groups

C.

Assigned pre-queries

D.

Automated role assignment

E.

Data privacy policies

F.

List view

Load More 050-11-CARSANWLN01 Questions 
Page: 1 / 7
Total 71 questions
Get 050-11-CARSANWLN01 Full Access Download 050-11-CARSANWLN01 PDF