This page was exported from Latest Lead2pass Dumps For Sharing [ https://www.ensurepass.net ] Export date:Wed Jan 22 4:10:57 2025 / +0000 GMT ___________________________________________________ Title: Passed NOVELL 050-728 Exam with Pass4sure and Lead2pass PDF & VCE (21-30) --------------------------------------------------- QUESTION 21 Which Sentinel objects can be imported into Sentinel Control Center interface? (Choose 2) A.    Users B.    Global filters C.    Active views D.    Solution packs E.    iTRAC Workflow F.    Correlation rules Answer: CF Explanation: C: After creating an Activity, you can modify, import or export it. To import an Activity: 1 Click iTRAC tab. 2 In the Navigator, click iTRAC Administration > Activity Manager. 3 Click Import/Export Activity icon. Import/Export Wizard window displays. 4 Select Import Activity and click Explore. 5 Navigate to your import file. Click Import. 6 Click Next. You will see a list of activities that are imported. 7 Click Next and click Finish. F: To Import a Correlation Rule: 1 Open the Correlation Rules Manager window and click Import/Export Correlation Rule icon. Etc. QUESTION 22 The Sentinel Correlation Engine Architecture is made up which components? (Choose 2) A.    DAS Query B.    Active views C.    Input manager D.    Action Manager E.    Solution Pack Controls Answer: AB Explanation: Note: * Sentinel Server Architecture * A Sentinel Server is made up of the following components: / Communication Server / Correlation Engine / DAS / Collector Manager Any combination of the above components can be installed in a particular Sentinel Server. * DAS_Query Performs general Sentinel Service operations including Login and Historical Query. QUESTION 23 Which actions are applicable as an iTRAC step? (Choose 4) A.    Mail Step B.    Logic Step C.    Manual Step D.    DropList Step E.    Decision step F.    Command step G.    UpdateList Step H.    Batch process Step Answer: ACEF Explanation: Steps are the basic components of a Template. Every Template must have a Start Step and an End Step. The Start Step exists by default. You can also add the following types of Steps to a Template: Mail Step Manual Step Decision Step Command Step Activity Step End Step QUESTION 24 What operators can only be used when using the Custom/Freeform option in correlation wizard? (Choose 3) A.    Flow B.    Gate() C.    Filter() D.    IsNull() E.    InList() F.    Window() G.    Sequence() H.    Match subnet Answer: DEH Explanation: * Freeform rules are the only way to include certain functionality in a correlation rule. Freeform rules give you the ability to do the following: / Nest operations using parentheses (to specify order of operations) / (E) Use the inlist operator to refer to a dynamic list / (D)Use the isnull operator to refer to unpopulated fields / Use the w. prefix for a field name in the window operation to compare an incoming event's value to a set of previous events * The match subnet operator can be used to build a condition where the value of a metatag maches a user-specified subnet specified in the rule in CIDR notation. This operator is used only for IP address fields. Example: filter(e.DestinationIP match subnet (10.0.0.1/22)) Note: * The Sentinel Correlation Engine runs rules that are written in the Correlation RuleLg language. Rules are created in the Sentinel Control Center. Users can create rules using a wizard for the following rule types: / Simple Rule / Composite Rule / Aggregate Rule / (not G) Sequence Rule These rules are converted to the Correlation RuleLg language when the rules are saved. The same rule types, plus even more complex rules, can be created in the Sentinel Control Center using the Custom/Freeform option. To use the Custom/Freeform option, the user must have a good understanding of the Correlation RuleLg language. QUESTION 25 What does a red line indicate in the tabular part of an active view? A.    A severe event occurred B.    A collector error occurred C.    Data was dropped by Sentinel D.    More events were received than could be displayed Answer: D QUESTION 26 Which statement is true regarding roles used by ITRAC? A.    Users can be made a member of only one role B.    Users can be members of multiple roles at any one time C.    Users can be a member of one member role and many secondary roles D.    When a user is created, a new role is created for that user and the user may then be added to additional role Answer: B QUESTION 27 You create and deploy a correlation rule with a Create incident action that also indicates an iTRAC workflow. After having the rule on for an hour, you find that the system has created several hundred workflow processes. What steps can you take to address this problem? (Choose 2) A.    Change the iTRAC settings in the configuration xml file B.    Configure the Data retention field in the Sentinel Data Manager C.    Set the maximum incidents setting to 10 in the correlation action definition D.    Adjust the definition of the rule so the threshold for triggering an event is higher E.    Change the Update Criteria to do not perform actionsevery time this rule fires for the next 1 hour Answer: AC QUESTION 28 Which Incident field provides a GUI option to configure the items in the drop-down list? A.    State B.    Priority C.    Severity D.    Category E.    Originator Answer: B QUESTION 29 When using the Correlation rule Wizard, which option would you select to create the RuleLG filter (e.rv32=*FW* and e.Severity = 3) A.    Simple B.    Sequence C.    Aggregate D.    Composite Answer: D QUESTION 30 What happens when a user accepts a worklist item assigned to an iTRAC role? A.    The administrator receives an email notification B.    The user's profile information is attached to the incident C.    An assignment is made in the USERS table of the database D.    The worklist item is removed from the worklist for the other users in that role Answer: D If you want to pass NOVELL 050-728 successfully, donot missing to read latest lead2pass NOVELL 050-728 exam questions. If you can master all lead2pass questions you will able to pass 100% guaranteed. http://www.lead2pass.com/050-728.html --------------------------------------------------- Images: http://examgod.com/l2pimages/PassedNOVELL050728ExamwithPass4sureandLe_ED0A/image_thumb.png --------------------------------------------------- --------------------------------------------------- Post date: 2014-03-14 08:51:40 Post date GMT: 2014-03-14 08:51:40 Post modified date: 2014-05-27 00:51:18 Post modified date GMT: 2014-05-27 00:51:18 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com