Which two fields combine to create the Urgency of a notable event?
A. Priority and Criticality.
B. Criticality and Severity.
C. Priority and Severity.
D. Precedence and Time.
Correct answer: C
Question 2:
How is it possible to specify an alternate location for accelerated storage?
A. Update the Home Path setting in indexes.conf
B. Use the tstatsHomePath setting in indexes.conf
C. Use the tstatsHomePath setting in props.conf
D. Configure storage optimization settings for the index.
Correct answer: B
Question 3:
ES needs to be installed on a search head with which of the following options?
A. All apps removed except for TA-*.
B. Only default built-in and CIM-compliant apps.
C. No other apps.
D. Any other apps installed.
Correct answer: C
Question 4:
An administrator is asked to configure an "Nslookup" adaptive response action, so that it appears as a selectable option in the notable event's action menu when an analyst is working in the Incident Review dashboard. What steps would the administrator take to configure this option?
A. Configure -> Content Management -> Type: Correlation Search -> Notable -> Recommended Actions -> Nslookup
B. Configure -> Content Management -> Type: Correlation Search -> Notable -> Nslookup
C. Configure -> Content Management -> Type: Correlation Search -> Notable -> Next Steps -> Nslookup
D. Configure -> Type: Correlation Search -> Notable -> Recommended Actions -> Nslookup
Correct answer: A
Question 5:
What should be used to map a non-standard field name to a CIM field name?
A. Search time extraction.
B. Field alias.
C. Eventtype.
D. Tag.
Correct answer: B
Question 6:
What feature of Enterprise Security downloads threat intelligence data from a web server?
A. Threat Intelligence Parser
B. Threat Download Manager
C. Threat Service Manager
D. Threat Intelligence Enforcement
Correct answer: B
Eguchi -
I was able to study efficiently, focusing on the key points. I passed without any problems.