Define application classes and work with variables
Questions derived from the Cisco Security Agent Guide, Chapter 4: Understanding CSA Policies, Modules, and Rules, CSA Rules, pp. 94-96. 642-513 – Securing Hosts Using Cisco Security Agent.
Objective: Define application classes and work with variables
SubObjective: Discuss how events sets are used to ease administration of security policies
Item Number: 642-513.4.5.1
Single Answer, Multiple Choice
Which field in the EventList View Fields is a string representation of the SeverityCode?
- EventSeverity
- SeverityName
- SeverityCode
- SeverityRating
Answer:
B. SeverityName
Tutorial:
The SeverityName field in the EventList View Fields is a string that represents the SeverityCode. EventListView is a database view through which events can be accessed. This is done through various fields.
The option EventSeverity is incorrect because this field does not exist.
The option SeverityCode is incorrect because this field is an integer that represents event severity.
The option SeverityRating is incorrect because this field does not exist.
Reference:
For more information, see Event Logging and Alerts http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_configuration_guide_chapter09186a008066e84a.html#wp953202