Labour Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Login / Register

Question # 4

If you choose "Stop Rule Processing" in your Application Rule definition, which of the following are action choices? (Choose three)

A.

Keep

B.

Filter

C.

Truncate

D.

Index

E.

Transient

F.

Remove

Full Access
Question # 5

Which of the following statements is true regarding Packet-based analysis in general?

A.

Packet-based analysis is required for viewing log and session data

B.

Packet-based analysis is based on metadata capture reduced to packets

C.

Packet-based analysis can be accomplished with common tools such as Wireshark

D.

Packet-based analysis is accomplished using the table-map xml file

Full Access
Question # 6

What happens when you set the metadata associated with a parser to Transients

A.

Transient means the Decoder is using the parser to parse traffic, and the generated metadata is not stored on disk

B.

Transient means the Decoder is using the parser to parse traffic, and the generated metadata is retained on disk for 24 hours

C.

Transient means the Decoder is using the parser only to filter out data, not to generate metadata

D.

Transient means the Decoder is using the parser only for ESA

Full Access
Question # 7

When NetWitness receives a log from an event source that does not currently exist in the Admin. Event Sources list, what does it do?

A.

Writes the log to the Archiver but not the Decoder

B.

Parses the log to the Decoder, but in transient mode only

C.

Adds the new Event Source to the existing list of Event Sources

D.

Ignores the log altogether

Full Access
Question # 8

Where do you define dynamic charts for real-time display in Dashboards?

A.

Default Dashboard

B.

MONITOR > Reports > Manage > Charts

C.

MONITOR > Reports > Charts > View

D.

CONFIGURE > ESA Rules

Full Access
Question # 9

Parsers can be enabled on which of the following?

A.

Packet Decoder only

B.

Packet Decoder and Log Decoder

C.

Packet Decoder and Log Decoder and Concentrator

D.

Packet Decoder and Log Decoder and Concentrator and Broker

Full Access
Question # 10

In what order are filters evaluated as data flows through the Decoder?

A.

Feeds. Network Rules. LUA Parsers. Application Rules. BPF

B.

Feeds. Network Rules. BPF. Application Rules, LUA Parsers

C.

Network Rules. Feeds. Application Rules. BPF, LUA Parsers

D.

BPF. Network Rules. LUA Parsers. Feeds. Application Rules

Full Access