Passed NOVELL 050-728 Exam with Pass4sure and Lead2pass PDF & VCE (11-20)

QUESTION 11
Which are standard methods in creating Incidents? (Choose 3)

A.    Create an incident from a dynamic list
B.    Start an iTrac process with an import events step.
C.    Create an empty incident and populate it with events
D.    Generate a Crystal Report and click the create Incident link.
E.    Use custom filter scripts to configure collectors to create an incident
F.    Select events from within an active view and add to an existing incident
G.    Associate a preconfigured correlation action to create an incident when a rule fires

Answer: CFG
Explanation:
C: To create an Incident:
Click Incidents > Create Incident, or click the Create Incident button on the Tool Bar. The New Incident window displays.

Etc
F: In a Real Time Event Table of the Navigator or a Snapshot Real Time Event Table, select an event or a group of events, right-click, and select Create Incident.
G: Create Incident
Figure: Configure Action - Create Incident
This type of action can only be used in Correlation deployments.

QUESTION 12
Which methods do the Collector Managers use to connect to the iScale Message Bus? (Choose 2)

A.    FTP
B.    SNMP
C.    Proxy
D.    Direct
E.    Advanced script

Answer: CD
Explanation:
There are two communication options available when installing the Collector Manager:
* Connect directly to the message bus (default)
* Connect to the message bus through the proxy

QUESTION 13
You have modified your Collectors so they put Department in a custom variable (CV68). When you open an Active View, the column is still labeled CV66. Which menu options would you use to change the column label to Department?

A.    Active view > properties
B.    Admin > event Configuration
C.    Active views > Event Management
D.    Event Source management > Columns

Answer: D

QUESTION 14
Which feature allows you to dynamically filter and drill down in a set of historical events?

A.    Raw Data Tap
B.    Active Browser
C.    Historical Event Query
D.    Crystal Reports on Analysis tab

Answer: C

QUESTION 15
Which compatible variable types are used in iTRAC templates? (Choose 3)

A.    Byte
B.    Word
C.    Class
D.    Char
E.    String
F.    Integer
G.    Boolean

Answer: EFG
Explanation:
Variables
The user can also be asked to set one or more variables to appropriate values. Four variable types can be assigned to manual steps: (1) Integer, (2) Boolean, (3) String and (4) Float.

QUESTION 16
Which of the following RuleLG commands acts as an AND function?

A.    Flow
B.    Union()
C.    Sequence()
D.    Intersection()

Answer: D

QUESTION 17
Active views can be viewed by which chart types? (Choose 2)

A.    Ribbon
B.    Public: All
C.    Virtual mode
D.    Severity Level
E.    Stacked Bar 2D

Answer: AE
Explanation: Under the Chart Types tab, you can set your chart to Stacked Bar 2D, Bar 3D, Line or Ribbon.

QUESTION 18
Which statement is true regarding Transaction?

A.    A transaction does not support timeouts.
B.    A transaction connects two steps in workflow template
C.    A transaction imports additional events into an iTRAC process
D.    A transaction modifies the template at the beginning or end of the process

Answer: AC

QUESTION 19
You have created a custom .csv file to match IP addresses in your network to Department name and point of Contact. Which tools do you need to use in order to include Department Name and point of Contact in your incoming event stream from the Collectors? (Choose 2)

A.    Filter Manager
B.    Correlation Engine
C.    Event configuration
D.    Mapping configuration
E.    Event Source Management

Answer: CD
Explanation:
C: Event Configuration includes Event Mapping.
D: Event Mapping is a mechanism that allows you to add data to an event by using data already in the event to reference and pull in data from an outside source.
Note:
* A map is a collection of values and keys defined in a CSV or text file. You can enrich your data by using maps. With the help of maps you can add additional information to the incoming events from your source device.
* Sentinel injects business-relevant contextual data directly into the event stream. It includes up to 135 customizable fields where users can add in asset specific information such as business unit, owner, asset value, geography. After this information is added into the system, all other components can take advantage of the additional context.
* The Collectors parse the data and deliver a richer event stream by injecting taxonomy, exploit detection and business relevance into the data stream before events are correlated and analyzed and sent to the database.
Incorrect:
Not B: The Correlation Engine (correlation_engine) process receives events from the Collector Manager and publishes correlated events based on user-defined correlation rules.

QUESTION 20
You want to create a correlation action that executes a JavaScript action. Which option should you choose?

A.    Create java
B.    Create Incident
C.    Execute a Script
D.    Execute a command

Answer: D


Author: admin