ArcSight Quiz
ArcSight Quiz contain set of 10 MCQ questions for ArcSight MCQ which will help you to clear beginner level quiz.
1. Filter condition statements are constructed using ArcSight’s Boolean Logic Editor, mostly known as?
- Common Conditions Editor
- Vi Editor
- VCE
- Event editor
2. Data Monitors
- Display summaries of events, Assets, and ESM status
- Display event data in numerous viewing layouts
- Both A and B
- None of the above
3. investigation option in arcsight console .
- Web Search
- Whois
- ping
- All of the above
4. The Manager handles the logic used to process events as objects called resources
- True
- False
5. Functions available for grouping and sorting.
- Count
- Min
- Total
- Both A and C
6. _____ are entries in an event-tracking system used to track, investigate, and resolve suspicious events.
- Cases
- Events
- Rules
- Triggers
7. Report Formats.
- rtf
- xlsx
- .bat
- .doc
8. Captured views or summaries of data that you can view in multiple formats using either ESM Console or ArcSight Web.
- Reports.
- Rules
- Forms
- Views
9. Types of Rule triggers.
- Event
- Threshold
- Time
- All of the Above
10. In the Active Channel Editor under Filter tab, you can specify an unnamed condition that is applied only to the current active channel.
- True
- False
