050-11-CARSANWLN01 exam

To add an action to the right-click menu in the Investigation Ul. create aA . Right-click actionB . ProfileC . Context Hub ListD . Context Menu ActionView AnswerAnswer: D

Which of the following choices is defined as being a delineated set of network data units that comprise a transaction from start to finish'?A . FrameB . PacketC . SessionD . TokenView AnswerAnswer: C

Which of the following choices describes a fundamental unit of network traffic transmitted from one IP device to another?A . PacketB . ChartC . SessionD . ScheduleView AnswerAnswer: A

Where do you define dynamic charts for real-time display in Dashboards?A . Default DashboardB . MONITOR > Reports > Manage > ChartsC . MONITOR > Reports > Charts > ViewD . CONFIGURE > ESA RulesView AnswerAnswer: B

To customize your query display in Events View, createA . Custom Meta GroupsB . Custom Column GroupsC . ProfilesD . DashletsView AnswerAnswer: B

The NetWitness Trust Model is based onA . User IDB . User RoleC . IP addressD . Hardware addressView AnswerAnswer: B

Which of the following rule types relies on two or more events occurring within a specified window of time?A . Network RuleB . Application RuleC . Correlation RuleD . BPF Filter RuleView AnswerAnswer: C

Service Groups are used primarily forA . grouping metadata from specified hostsB . deploying Live resources to specified servicesC . grouping hosts for batch configurationD . grouping hosts for monitoring performance in the Health and Wellness viewView AnswerAnswer: B

What are the data sources available in RSA NetWitness when creating a Reporting Engine rule?A . Short, Long, TruncatedB . IPDB, ODBC, FileReaderC . Broker, Concentrator, DecoderD . NetWitness DB, Warehouse DB, Respond DBView AnswerAnswer: D

What types of data can the Archiver store?A . Raw Log onlyB . Raw Log and Log MetaC . Raw Log, Log Meta. Packet MetaD . Raw Log. Log Meta. Raw Packet. Packet MetaView AnswerAnswer: D