RSA 050-11-CARSANWLN01 RSA NetWitness Logs & Network Administrator Exam Practice Test

RSA NetWitness Logs & Network Administrator Exam Questions and Answers

Question 1

Service Groups are used primarily for

Options:

A. grouping metadata from specified hosts

B. deploying Live resources to specified services

C. grouping hosts for batch configuration

D. grouping hosts for monitoring performance in the Health and Wellness view

Question 2

Which RSA NetWitness component captures and parses data off the wire?

Options:

A. Packet Decoder

B. Broker

C. Concentrator

D. Log Decoder

Question 3

What is the main purpose of creating a meta group?

Options:

A. Isolate log data

B. Perform Visualization analysis

C. Eliminate unneeded keys

D. Increase the amount of data available for analysis

Question 4

Where do you define dynamic charts for real-time display in Dashboards?

Options:

A. Default Dashboard

B. MONITOR > Reports > Manage > Charts

C. MONITOR > Reports > Charts > View

D. CONFIGURE > ESA Rules

Question 5

To add an action to the right-click menu in the Investigation UI, create a

Options:

A. Right-click action

B. Profile

C. Context Hub List

D. Context Menu Action

Question 6

Which of the following choices describes a fundamental unit of network traffic transmitted from one IP device to another?

Options:

A. Packet

B. Chart

C. Session

D. Schedule

Question 7

To automate incident creation of alerts in the Respond interface, create

Options:

A. ESA Rules

B. Respond Rules

C. Incident Rules

D. Reporting Rules

Question 8

When storage on the core devices fills to capacity, what happens?

Options:

A. new traffic cannot be ingested

B. the decoder leverages capacity in the concentrator, and collection continues

C. the decoder leverages capacity in the broker, and collection continues

D. the oldest stored sessions are deleted and collection continues

Question 9

Which of the following statements is true regarding Packet-based analysis in general?

Options:

A. Packet-based analysis is required for viewing log and session data

B. Packet-based analysis is based on metadata capture reduced to packets

C. Packet-based analysis can be accomplished with common tools such as Wireshark

D. Packet-based analysis is accomplished using the table-map xml file

Question 10

Which of the following rule types relies on two or more events occurring within a specified window of time?

Options:

A. Network Rule

B. Application Rule

C. Correlation Rule

D. BPF Filter Rule