You are troubleshooting ClearPass with IntroSpect, and you notice that in Access Tracker the IntroSpect Logon Logoff actions profile is executing. However, the ClearPass Log Source on the IntroSpect Analyzer is showing dropped entries.

Would this be a good troubleshooting step? (Confirm that the ClearPass context action is sending the User name, MAC Address, IP Address, and Time Stamp)

A. Yes

B. No

When IntroSpect ingests logs from different sources, it standardizes and catalogs the information. When it stores log data, it currently categorizes it into one of four standard schemas. Are these the four standard schemas? (VPN access data, email data, network data, and authentication data.)

A. Yes

B. No

In a meeting with a customer that runs a fully automated manufacturing facility that is connected to the business and corporate offices, the operations manager asks why they need IntroSpect to monitor the manufacturing network. Is this a reason they should monitor the manufacturing network security? (The devices on the automation network are vulnerable to attack because they are highly functional and could be weaponized by an attacker and used to attack the corporate network.)

A. Yes

B. No

You are planning to configure ClearPass to send endpoint context to IntroSpect. You need to create a checklist of functions that must be enabled in ClearPass to support this. Is this an option that is required? (System Monitor Service.)

A. Yes

B. No

You are a system admin with a company where Aruba infrastructure, such as Controllers, ClearPass, and Airwave, have been deployed. The company has integrated an Aruba Introspect 2-RU appliance in the Network Infrastructure. Recently, you are seeing overload issues with the IntroSpect system. So, you want to add five more Compute Nodes to meet the requirements. Is this a correct solution for adding more Compute Nodes? (2-RU is a single appliance that does not scale, and you cannot add any more Compute Nodes to it.)

A. Yes

B. No

A network administrator is looking for an option to set the maximum data retention period to 180 days in the IntroSpect Analyzer. Is this a correct statement about data retention in IntroSpect? (The data retention period cannot exceed 90 days.)

A. Yes

B. No

An administrator scheduled a maintenance window for upgrading an IntroSpect system. Is this a true statement about upgrading the IntroSpect system? (All Packer Processors should be upgraded first, then the IntroSpect Analyzer should be upgraded.)

A. Yes

B. No

Refer to the exhibit.

You have been assigned a task to monitor, analyze, and find those entities who are trying to access internal resources without having valid user credentials. You are creating an AD-based use case to look for this activity. Could you use this entity type to accomplish this? (Dest Host.)

A. Yes

B. No

Refer to the exhibit.

You have been assigned a task to monitor, analyze, and find those entities who are trying to access internal resources without having valid user credentials. You are creating an AD-based use case to look for this activity. Could you use this entity type to accomplish this? (Source Host.)

A. Yes

B. No

Refer to the exhibit.

You have been assigned a task to monitor, analyze, and find those entities who are trying to access internal resources without having valid user credentials. You are creating an AD-based use case to look for this activity. Could you use this entity type to accomplish this? (Dest IP.)

A. Yes

B. No