
Exam Title: RSA 050-V37-ENVCSE01: CSE RSA enVision Essentials (new update)

Version: R6.1

www.Prepking.com



1. What happens if an event source device type is not immediately recognized by RSA enVision? (Check the one best answer.)
A. It will be defined as "unknown" and for a limited time enVision will collect event data it generates
B. Data from that device will be discarded until the device type can be defined
C. An alert is generated by default to call an administrator's attention to the device
D. The UDS Service will create a parsing XML file for the device and place data in the NIC Parse Cache
Answer: A

2. When setting up a Check Point firewall device, which of the following is a good practice that should be completed first? (Check the one best answer.)
A. Stop and restart the Check Point Firewall Service
B. Stop and restart the enVision NIC Collector Service
C. Verify that the Check Point Log Viewer is receiving events
D. Set an 8-character key to establish an authenticated connection
Answer: C

3. How many Remote Collectors (RC) can each Database Server (D-SRV) support? (Check the one best answer.)
A. Eight (8)
B. Ten (10)
C. Sixteen (16)
D. Thirty two (32)
Answer: C

4. After creating a customized Report Menu system, which RSA enVision service(s) need to be re-started?
A. Only the NIC Webserver Service
B. The NIC Webserver and NIC Server Services
C. The NIC Webserver, NIC Server and NIC Locator Services
D. The NIC Webserver, NIC Server, NIC Locator, and NIC Packager Services
Answer: A


5. When opening a connection in Event Explorer, you can define which of the following features? (Check the three correct answers.)
A. Devices
B. Event categories
C. Log messages
D. Time frame
E. Local collector
Answer: ABD

6. In the RSA enVision UDS process, what is the purpose of performing Data Reduction steps? (Check the one best answer.)
A. Improve speed and efficiency of data processing
B. Compress unsupported device data prior to storage
C. Apply ISO-approved abbreviations to message text strings
D. Decrease the rate that unsupported device data is collected
Answer: A

7. If a customer has a specific syslog that they would like to use as part of a demonstration, you can load it into enVision for reporting and querying using which of the following? (Check the one best answer.)
A. The lsdata utility to import the syslog file
B. Copying the syslog file into the IPDB data directory
C. Using the Data Injector utility to collect data from the syslog file
D. Using the Custom Reports - View External Data function of the administrative GUI
Answer: C

8. When planning an RSA enVision installation, which statements below about the Site Name are important considerations? (Check two answers.)
A. The Site Name must match an enVision domain name
B. The Site Name must be unique within an enVision domain and cannot be the same as the customer's NetBIOS domain name
C. The Site Name must not contain any numeric or punctuation characters
D. The Site Name must have the same suffix as the Windows domain in which it resides
E. The Site Name must not match the name of any existing Windows domain in the network
Answer: BE

9. Why would the checkbox of a device type be grayed out on the Manage Device Types screen? (Check the one best answer.)
A. It's not licensed
B. Device is unknown but data can be collected
C. Device is known but not compatible with enVision
D. Device is associated with a monitored device within the NIC domain
Answer: D

10. True or false. If a conflict exists with the default enVision collection port after appliance installation, the Collector Service can be modified to configure event collection on a different port.
A. True
B. False
Answer: A

11. When would you expect a difference between the log information captured by RSA enVision and the log information generated by a device? (Check the one best answer.)
A. When the source IP address of the device is unknown to enVision.
B. When the device is configured to send only certain events to syslog.
C. When "Collect All Logs" is left unchecked in the Manage Devices screen.
D. When the device is a known device and enVision recognizes the events to be non-critical.
Answer: B

12. In RSA enVision UDS development, Value Maps, Regular Expressions, and Functions are types of which of the following? (Check the one best answer.)
A. Data Reduction
B. XML Parsing Rules
C. Conditional Variables
D. Summary Data Buckets
Answer: C

13. Which RSA enVision module is used to configure the enVision system as well as to monitor its health and performance? (Check the one best answer.)
A. Overview module
B. Alerts Module
C. Analysis Module
D. Reports Module
Answer: A

14. When initially setting up a multiple appliance site, only the D-SRV unit is connected to a LAN - all of the other units in the site then connect directly to the D-SRV.
A. True
B. False
Answer: B

15. When creating a new enVision user account, which User Group is the account added to by default? (Check the one best answer.)
A. Report-users
B. Administrators
C. Temporary-users
D. All-applications-users
Answer: D

16. What are three steps that are part of the device interpretation process using UDS? (Check the three best answers.)
A. Configure devices to send log data to RSA enVision
B. Device identification (i.e. vendor, device name, class, sub-class, etc.)
C. Identification of device collection method
D. Message definition
E. List of known vulnerabilities
F. Data parsing
Answer: BDF

17. The administrator can use the RSA enVision's user authentication feature to complete what tasks? (Check two answers.)
A. Use an existing Microsoft Active Directory authentication server
B. Associate administrative users with an authentication server
C. Require enVision users to change passwords on a periodic basis
D. Enforce a pre-defined set of 'prohibited passwords' based on a dictionary file
E. Utilize existing domain authenticated user accounts as the basis for enVision user accounts
Answer: AE

18. What two tasks does UDS complete when the command "uds reate" is executed to create a device? (Check the two best answers.)
A. Creates the files <devicename>.ini, <devicename>client.txt, <devicename>vendor.txt and <devicename>msg.xml
B. Immediately starts collecting data from the new device
C. Identifies all associated devices that have been configured
D. Creates all directory structures required for the device
E. Lists all devices to verify that the device does not already exist
Answer: AD

19. The UDS development process involves which of the following tasks? (Check two answers.)
A. Verifying XML syntax and parsing
B. Using XML to convert device logs to IPDB format
C. Mapping a device name to an existing enVision device
D. Creating an XML file to define header and message information
Answer: AD

20. What does RSA enVision do when it is set to auto-discover new devices? (Check the one best answer.)
A. Adds new supported devices automatically to the list of monitored devices in the Manage Monitored Devices screen
B. Temporarily holds in the "New Device" cache and begins to collect data after it is approved by an administrator
C. RSA enVision alerts members of the "administrators" group to add a new device to the list of monitored devices
D. RSA enVision automatically exports device attributes to an XML file for an administrator to review
Answer: A

21. To remove a UDS device from an RSA enVision system, you must delete the device from the list of monitored devices and which of the following? (Check the one best answer.)
A. Delete the <devicename> folder from the \enVision\etc\devices directory
B. Use the "uds emove <devicename>" command in a command prompt window
C. Use the "lsdata emove <devicename>" command in a command prompt window
D. Disconnect the device from the network and enVision will complete the removal automatically
Answer: A

22. What must happen for the Scheduled Reports display to present the results of a report that has been scheduled? (Check the one best answer.)
A. The NIC Web server must have generated at least one report
B. A Bind Report must be established to link the report to the output screen
C. The Refresh Menu button must be clicked before the time that the report is to run
D. One scheduled report must complete its run before another report can be scheduled
Answer: A

23. What happens when an incorrect site configuration value is entered into the enVision Appliance Configuration Wizard? (Check the one best answer.)
A. The value cannot be changed and the hardware may require re-imaging to restore factory default values before repeating the configuration wizard process
B. The configuration value should be corrected by editing the /bin/site.config file
C. The configuration value can be changed using the front panel LCD controls
D. Run the enVision Appliance Configuration Wizard again in 'Repair' mode to correct the configuration values
Answer: A

24. Which of the services listed below maintains the enVision site's directory information and lists data such as the name of the site the data was originally collected on and the device or event source name? (Check the one best answer.)
A. NIC Locator Service
B. NIC Collector Service
C. NIC Forwarder Service
D. NIC File Reader Service
Answer: A

25. The exhibit shows block diagrams describing an enVision LS Site with a Database Server (D-SRV), Application Server (A-SRV), and two Local Collector (LC1 and LC2) components. Which diagram shows the correct arrangement? (Check the one best answer.)
A. Diagram A
B. Diagram B
C. Diagram C
D. Diagram D
Answer: B

26. Which of the following statements about device Collection States is true? (Check the one best answer.)
A. To collect data from a device, the device's Collection State must NOT be set to 'Disabled'.
B. When a device Collection State indicates 'Candidate', it indicates that the device type has been determined.
C. To stop collecting events from an active device, the Collection State can be changed from 'Active' to 'Candidate' at any time.
D. When a device Collection State is changed to 'Disabled', reports and queries can NOT be run on previously collected events from that device.
Answer: A

27. What is the primary difference between the LC5 and LC10 local collector units? (Check the one best answer.)
A. Base storage capacity
B. Events Per Second (EPS) capability
C. Physical size and weight of the units
D. Type of Database Server to which they may be attached
Answer: B

28. Log management is the collection, analysis (real time or historical), storage and management of logs from a range of sources across the enterprise including which of the following? (Check four answers.)
A. Non-log generating devices and systems
B. Security systems
C. Disconnected network devices
D. Networking devices
E. Operating systems
F. Mobile devices
G. Applications
Answer: BDEG

29. Which of the following are true statements about the RSA enVision LS Series appliance? (Check three answers.)
A. The LS Series consists of a single appliance
