Highlighted
Lieutenant
Lieutenant
1898 views

Dumps for Arcsight 6.5 Admin n Analyst

Hi All,

I have planned to give Arcsight 6.5 Admin n Analyst certification next month,

I have gone through admin guides but I need dumps as practise before exam.

Please suggest or share dumps if any one have.

Regards,

Gagan

0 Likes
8 Replies
Highlighted
Absent Member.
Absent Member.

Hi GAGAN,

Here is dumps for practice.

Hope this will be helpful.

Regards,

Deepak  kr. Ray

0 Likes
Highlighted
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class

HP0-M55 and 54 is not valid anymore.

Below are new exams for Admin and Analyst. And I wouldn't recommend any dumps, rather spend time on console and CC. Your experience with product will make you pass.

HP0-A100

HP0-A116

0 Likes
Highlighted
Lieutenant
Lieutenant

Thanks Deepak and Anwar for sharing dumps and advise .I will surely extract valuable information from dumps provided and go through guides as well

0 Likes
Highlighted
Absent Member.
Absent Member.

Hi Anwar,

My friend has given exam this week and he got 15% question from HP0-M55 and 54.

0 Likes
Highlighted
Absent Member.
Absent Member.

Hi All,

Could anyone share the A116 exam pattern.

Thanks,

Sandeep

0 Likes
Highlighted
Absent Member.
Absent Member.

Hi Sandeep,

Exam ID HP0-A116

Exam type Proctored exam taken at

dedicated testing center

Exam

duration

1 hour 30 minutes

Exam length 60 questions

Passing score 65%

Delivery

languages

English

Register for this Exam

You will need an HP Learner ID and a Pearson VUE

login and password.

Exam contents

This exam has 60 questions. Here are types of questions to expect:

Multiple choice (multiple responses)

Multiple choice (single response)

Tips for taking this exam

This certification exam is designed for candidates with “on the job”

experience. The associated training course, which usually includes labs,

provides a knowledge foundation; however, it is highly recommended that you

also have some hands-on, real-world ESM product experience.

This exam assesses whether you have the knowledge and skills to navigate

and utilize the ArcSight ESM products as a security solution in a business development and production environment.

Take the time to read the entire question and consider all of the options carefully before you answer. If the question indicates that it

features an exhibit, study the exhibit and reread the question. Make sure to select the answer that correctly responds to the question

that is asked — not simply an answer that includes some correct information. If the question asks for more than one answer,

remember to select each correct answer. You will not receive partial credit for a partially correct answer.

Supporting courses

These recommended courses help you prepare for the exam:

Option 1

00924200: HP ArcSight ESM 6.5 Security Administrator and Analyst

Option 2

00989460: ArcSight ESM 6.5 Administrator and Analyst - ATP (Virtual Classroom)

Additional study materials

ArcSight ESM 6.5c Administrator Guide

ArcSight ESM 6.5c ArcSight Console Guide

ArcSight ESM 6.5c ArcSight Command Center User Guide

ArcSight ESM 6.5c ArcSight Web User Guide

ArcSight ESM 6.5c Installation and Configuration Guide

ArcSight ESM 6.5c Standard Content Guide

ArcSight SmartConnectors User Guide

Objectives

This exam validates that you can successfully perform the following:

Sections/Objectives

2% Introduction to ESM 6.5

Define ESM User Roles

List ArcSight Components, Interfaces, Information Resources

8% ArcSight Event Schema and Life Cycle

Describe ESM Event Schema and Schema Groups

Identify ArcSight Event LifeCycle Phases and Schema population

5% ArcSight ESM Install and Configuration

Describe Pre-Install Requirements

Identify Install Process (Installation / Configuration Wizards)

Describe reconfiguration and upgrade methods

9% ArcSight ESM Console

Describe Login, user preference, and main tool bar facilities

Navigate Resource trees, Viewer and Edit/Inspect Panels

Access built-in documentation and reference resources.

7% ArcSight Command Center

Login, navigate main tab menus and use the Help Facility

Access dashboards, Event Search, Reports, and Workflow Cases

Navigate Administrative facilities for ESM system configuration, connector status, and event storage and archive

3% ArcSight Web Interface

Login to the Home Page and use the Help Facility

Access Dashboards, Reports, Active Channels and Notifications

9% Active Channels, Filters and Field Sets

Access Active Channels and modify filters and field sets

Use Right-click menus and Event Investigation facilities

8% ESM Rules and Lists

Differentiate Simple vs Join Types Rules, Real-time vs Scheduled Rules

Edit Rule attributes, including Conditions, Aggregation, Actions, and Triggers

Explain the use of Active Lists and Session Lists

8% Dashboards and Data Monitors

Access dashboards and interpret data monitor displays

Describe the benefits of using IdentityView

Explain Drill down to Active Channels

6% Query Viewers

Describe Query Viewer usage

Edit Query Viewers, establish baselines and define drilldowns

6% ESM Reports

Enter Report Runtime parameters, run and archive reports

Edit focused reports and delta reports

Establish and manage report scheduling and distribution

4% Workflow Cases

Describe Workflow Case management

Access existing cases, view events, add attachments and notes

Add a new case, follow upon a case , and finalize a case

5% User Administration

Create ESM Users and User Groups

Explain the Administration of ACLs (Access Control Lists)

Apply ArcSight Password Policy settings

3% User Notifications

Describe Notification functions and resources

Access, modify and configure Notifications

3% Use Case Resources

Describe Use Case concepts

Differentiate Standard Content, Productized/Compliance and Consultant-provided use case deployment

Configure and modify Standard Content Use Cases

4% ArcSight Content Management

Creating ArcSight Packages

Configuring ESM Peering

Establishing manual or scheduled ESM Content Push, Synchronization, and Tracking

8% Event Search, Filters and Saved Searches

Search Events using the Search Builder/Advanced Search tools

Display Search Results and select output options

Export and distribute Search Results

2% ArcSight Support Resources

Access HP ArcSight Support Facilities

Describe Administrative and Support-related resources

Sections/Objectives

Sample questions

Use the following questions to help assess whether you are ready to take the exam. Answers to these sample questions are

provided at the end of this guide.

1. What is the purpose of the ArcSight Enterprise Security Manager (ESM)?

a. enables security integration between disparate devices

b. enables situational awareness and visibility of the security risks across an organization

c. enables a security bus such that devices may communicate

d. enables security device management using a common browser-based Management Console

2. Which user role evaluates reports to determine if corporate objectives or initiatives are met?

a. operator

b. author

c. business user

d. administrator

3. Which component describes the SSL protocol used by the ArcSight Manager to communicate with ArcSight Consoles

and SmartConnectors?

a. System Smart Link

b. Secure Synchronous Layer

c. Standard Secure Link

d. Secure Sockets Layer

4. What are the five criteria that are used to calculate the ArcSight Priority Formula?

a. Behavior, Outcome, Technique, Device Group, and tupleSignificance

b. eventSource, eventDestination, AttackerID, Target Exposure, and deviceProfile

c. Model Confidence, Relevance, Severity, Asset Criticality, and agentSeverity

d. Vulnerability, Penetration History, Critical Zone, Asset Category, and eventSeverity

5. When is a simple rule triggered?

a. when events are aggregated more than three times

b. when scanned events match a configured set of conditions

c. when the number of events exceeds a timeout window

d. when correlation events exceed a threshold setting

6. What is the purpose of the Time Window Expiration (TWE) function in ESM?

a. escalates an Alert Notification to the next level

b. determines the duration for a Rule Threshold

c. establishes an Active List TTL (Time To Live)

d. allows individual entries in Session Lists to expire

7. Which functions do Active Lists provide to ArcSight ESM? (Select two.)

a. generate and push categorization profiles to SmartConnectors

b. populate specified Session Lists either manually or on schedules

c. convert directly to Report Queries for long-term trending

d. reduce system memory use by reducing rule partial matches

e. export and import to other ESM instances through CSV files

Answers

This section provides answers to and references for the sample questions.

1. What is the purpose of the ArcSight Enterprise Security Manager (ESM)?

a. enables security integration between disparate devices

b. enables situational awareness and visibility of the security risks across an organization

c. enables a security bus such that devices may communicate

d. enables security device management using a common browser-based Management Console

References

ArcSight ESM Administrator Analyst Training

Module 1 – Introduction to ESM 6.5

2. Which user role evaluates reports to determine if corporate objectives or initiatives are met?

a. operator

b. author

c. business user

d. administrator

References

ArcSight ESM Administrator Analyst Training

Module 1 – Introduction to ESM 6.5

3. Which component describes the SSL protocol used by the ArcSight Manager to communicate with ArcSight Consoles

and SmartConnectors?

a. System Smart Link

b. Secure Synchronous Layer

c. Standard Secure Link

d. Secure Sockets Layer

References

ArcSight ESM Administrator Analyst Training

Module 1 – Introduction to ESM 6.5

4. What are the five criteria that are used to calculate the ArcSight Priority Formula?

a. Behavior, Outcome, Technique, Device Group, and tupleSignificance

b. eventSource, eventDestination, AttackerID, Target Exposure, and deviceProfile

c. Model Confidence, Relevance, Severity, Asset Criticality, and agentSeverity

d. Vulnerability, Penetration History, Critical Zone, Asset Category, and eventSeverity

References

ArcSight ESM Administrator Analyst Training

Module 2 – ArcSight Event Schema and Life Cycle

5. When is a simple rule triggered?

a. when events are aggregated more than three times

b. when scanned events match a configured set of conditions

c. when the number of events exceeds a timeout window

d. when correlation events exceed a threshold setting

References

ArcSight ESM Administrator Analyst Training

Module 8 – ESM Rules and Lists

6. What is the purpose of the Time Window Expiration (TWE) function in ESM?

a. escalates an Alert Notification to the next level

b. determines the duration for a Rule Threshold

c. establishes an Active List TTL (Time To Live)

d. allows individual entries in Session Lists to expire

References

ArcSight ESM Administrator Analyst Training

Module 8 – ESM Rules and Lists

7. Which functions do Active Lists provide to ArcSight ESM? (Select two.)

a. generate and push categorization profiles to SmartConnectors

b. populate specified Session Lists either manually or on schedules

c. convert directly to Report Queries for long-term trending

d. reduce system memory use by reducing rule partial matches

e. export and import to other ESM instances through CSV files

With Regards,

Venkatesh V.

0 Likes
Highlighted
Vice Admiral
Vice Admiral

Thanks Venkatesh

--SUBIN--
0 Likes
Highlighted
Absent Member.
Absent Member.

Even I have PDF but didn't find any way to attach here. hence copy pasted the content.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.