How can you prevent specific sensor events from being saved to the SIEM database?
- Action
- Taxonomy
- Directives
- Policy

Which file format is used to import assets from the web interface?
- Sql
- +
- Json
- Csv

What are acceptable methods for sustaining good performance when considering the database? (Choose 2 answers)
- Configuring alarm data retention
- Running tools such as “ossim-repairs-tables” on a weekly basis
- Setting retention limits on the normalized data retained in the SIEM database
- Creating custom view in the SIEM console

What is the path from a Windows log via HIDS (OSSEC) agent to the security events (SIEM) console?
- Raw Windows log, HIDS decoder, HIDS rule, AlienVault HIDS datasource plugin
- Raw Windows log, AlienVault HIDS datasource plugin, HIDS decoder
- Raw Windows log, HIDS decoder, HIDS rule, policy
- HIDS rule, raw Windows log, AlienVault HIDS datasource plugin

What is a benefit of deploying two dedicated USM Logger appliances?
- Twice as much disk capacity to store tickets
- Twice as much database resource to store SIEM events
- Twice as much disk capacity to store raw logs
- Twice as much netflow data can be processed

What method should be used to check how long a user has been logged into the USM appliance web interface?
- Under configuration> Administration> activity, check under the session_Age column
- From the command line, use command “.who -i”
- Under settings >current sessions, the logon column shows the time the user logged in
- From the command line, use command “alienvault-api –show-sessions”

Which options can trigger a ticket in AlienVault USM? (Choose three options)
- Directive
- Alert
- Enabling alarm to ticket
- Custom view
- Policy actions
- Vulnerability scan
- Schedule report

In which two areas of the AlienVault USM web interface can you review user activity? (Choose 2 answers)
- Settings
- Detection
- Reports
- Assets