RSA 050-V37-ENVCSE01 Exam

Exam Number/Code : 050-V37-ENVCSE01 Exam Name : CSE RSA enVision Essentials (new update) Questions and Answers : 97 Q&As Update Time: 2010-04-02

 

1. Why would the checkbox of a device type be grayed out On the Manage Device Types screen? (Check the one
best answer.)
A. It's not licensed
B. Device is unknown but data can be collected
C. Device is known but not compatible with enVision
D. Device is associated with a monitored device within the NIC domain
Answer: D

2. When creating a new enVision user account, which User Group is the account added to by default? (Check the one
best answer.)
A. Report-users
B. Administrators
C. Temporary-users
D. All-applications-users
Answer: D

3. Which RSA enVision module is used to configure the enVision system as well as to monitor its health and
performance? (Check the one best answer.)
A. Overview module
B. Alerts Module
C. Analysis Module
D. Reports Module
Answer: A

4. After creating a customized Report Menu system, which RSA enVision service(s) need to be re-started?
A. Only the NIC Webserver Service
B. The NIC Webserver and NIC Server Services
C. The NIC Webserver, NIC Server and NIC Locator Services
D. The NIC Webserver, NIC Server, NIC Locator, and NIC Packager Services
Answer: A

5. When initially setting up a multiple appliance site, only the D-SRV unit is connected to a LAN ?all of the other units
in the site then connect directly to the D-SRV.
A. True
B. False
Answer: B

6. True or false. If a conflict exists with the default enVision collection port after appliance installation, the Collector
Service can be modified to configure event collection on a different port.
A. True
B. false
Answer: A

7. In RSA enVision UDS development, Value Maps, Regular Expressions, and Functions are types of which of the
following? (Check the one best answer.)
A. Data Reduction
B. XML Parsing Rules
C. Conditional Variables
D. Summary Data Buckets
Answer: C

8. When planning an RSA enVision installation, which statements below about the Site Name are important
considerations? (Check two answers.)
A. The Site Name must match an enVision domain name
B. The Site Name must be unique within an enVision domain and cannot be the same as the customer's NetBIOS
domain name
C. The Site Name must not contain any numeric or punctuation characters
D. The Site Name must have the same suffix as the Windows domain in which it resides
E. The Site Name must not match the name of any existing Windows domain in the network
Answer: BE

9. When would you expect a difference between the log information captured by RSA enVision and the log information
generated by a device? (Check the one best answer.)
A. When the source IP address of the device is unknown to enVision.
B. When the device is configured to send only certain events to syslog.
C. When "Collect All Logs" is left unchecked in the Manage Devices screen.
D. When the device is a known device and enVision recognizes the events to be non-critical.
Answer: B

10. How many Remote Collectors (RC) can each Database Server (D-SRV) support? (Check the one best answer.)
A. Eight (8)
B. Ten (10)
C. Sixteen (16)
D. Thirty two (32)
Answer: C

11. What are three steps that are part of the device interpretation process using UDS? (Check the three best
answers.)
A. Configure devices to send log data to RSA enVision
B. Device identification (i.e. vendor, device name, class, sub-class, etc.)
C. Identification of device collection method
D. Message definition
E. List of known vulnerabilities
F. Data parsing
Answer: BDF

12. What does RSA enVision do when it is set to auto-discover new devices? (Check the one best answer.)
A. Adds new supported devices automatically to the list of monitored devices in the Manage Monitored Devices
screen
B. Temporarily holds in the "New Device" cache and begins to collect data after it is approved by an administrator
C. RSA enVision alerts members of the "administrators" group to add a new device to the list of monitored devices
D. RSA enVision automatically exports device attributes to an XML file for an administrator to review
Answer: A

13. The administrator can use the RSA enVision's user authentication feature to complete what tasks? (Check two
answers.)
A. Use an existing Microsoft Active Directory authentication server
B. Associate administrative users with an authentication server
C. Require enVision users to change passwords on a periodic basis
D. Enforce a pre-defined set of 'prohibited passwords' based on a dictionary file
E. Utilize existing domain authenticated user accounts as the basis for enVision user accounts
Answer: AE

14. When setting up a Check Point firewall device, which of the following is a good practice that should be completed
first? (Check the one best answer.)
A. Stop and restart the Check Point Firewall Service
B. Stop and restart the enVision NIC Collector Service
C. Verify that the Check Point Log Viewer is receiving events
D. Set an 8-character key to establish an authenticated connection
Answer: C

15. In the RSA enVision UDS process, what is the purpose of performing Data Reduction steps? (Check the one best
answer.)
A. Improve speed and efficiency of data processing
B. Compress unsupported device data prior to storage
C. Apply ISO-approved abbreviations to message text strings
D. Decrease the rate that unsupported device data is collected
Answer: A

16. What happens if an event source device type is not immediately recognized by RSA enVision? (Check the one
best answer.)
A. It will be defined as "unknown" and for a limited time enVision will collect event data it generates
B. Data from that device will be discarded until the device type can be defined
C. An alert is generated by default to call an administrator's attention to the device
D. The UDS Service will create a parsing XML file for the device and place data in the NIC Parse Cache
Answer: A

17. When opening a connection in Event Explorer, you can define which of the following features? (Check the three
correct answers.)
A. Devices
B. Event categories
C. Log messages
D. Time frame
E. Local collector
Answer: ABD

18. What two tasks does UDS complete when the command "uds reate" is executed to create a device? (Check the
two best answers.)
A. Creates the files .ini, client.txt, vendor.txt and msg.xml
B. Immediately starts collecting data from the new device
C. Identifies all associated devices that have been configured
D. Create all directory structures required for the device
E. Lists all devices to verify that the device does not already exist
Answer: AD

19. The UDS development process involves which of the following tasks? (Check two answers.)
A. Verifying XML syntax and parsing
B. Using XML to convert device logs to IPDB format
C. Mapping a device name to an existing enVision device
D. Creating an XML file to define header and message information
Answer: AD

20. If a customer has a specific syslog that they would like to use as part of a demonstration, you can load it into
enVision for reporting and querying using which of the following? (Check the one best answer.)
A. The lsdata utility to import the syslog file
B. Copying the syslog file into the IPDB data directory
C. Using the Data Injector utility to collect data from the syslog file
D. Using the Custom Reports ?View External Data function of the administrative GUI
Answer: C

 

050-V60X-CSEDLPS Braindumps
050-V37-ENVCSE01 CSE RSA enVision Essentials (new update)
050-V710-SESECURID CSE RSA SecurID 7.1
050-V60X-CSEDLPS CSE RSA Data Loss Prevention 6.0
050-V70-CSEDLPS RSA Data Loss Prevention Certified System Engineer 7.x Exam

我正在玩搜狐微博，快来“关注”我，了解我的最新动态吧。 "+userLink+""; $('miniAd').show(); } }, onFailure: function(){} }}); } showMiniAd();

来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/23867001/viewspace-664373/，如需转载，请注明出处，否则将追究法律责任。

转载于:http://blog.itpub.net/23867001/viewspace-664373/