ArcSight Certified Security Analyst - HP0-M54 Exam

j666gakj666gak Member Posts: 19 ■□□□□□□□□□

I wondered if anybody on here has already taken the exam and have any tips? As I will be taking the exam shortly



  • Options
    JDMurrayJDMurray Admin Posts: 13,052 Admin
    Please post a review of your exam experience to let us know how you did and what you think. I don't see many people discussing Arcsight certs.
  • Options
    j666gakj666gak Member Posts: 19 ■□□□□□□□□□
    a bit more info from HP HP0-M54 Exam, HP0-M54 ArcSight ESM Security Analyst Test

    HP HP0-M54 Exam Description and Topics
    The ArcSight ESM Security Analyst Exam (HP0-M54) is a closed-book, pass-fail test requiring a score of at least 72% for passing. The HP0-M54 Exam features 60 multiple choice questions in fourteen primary subject matter areas. The percentage of questions answered correctly in each section impacts the overall score and pass-fail status of candidates. Allotted time for exam completion is 90 minutes. Additional details regarding question topics can be found in the Exam Details section below.
    The HP0-M54 Exam can be applied to several formal HP certifications, and further details about the certifications for which this exam may be credited can be found in the HP Learning Center.

    Recommended training for passing the HP0-M54 Exam includes ArcSight University resources as well as a minimum of 6 months hands on experience with the software. Additional study and exam prep resources include: (1) ArcSight ESM 101 for ESM v5.0+, (2) ArcSight ESM v5.0+ Console User's Guide, and (3) ArcSight Web v5.0+ User's Guide.

    Successful completion of the HP0-M54 Exam also requires knowledge of the following:
    1. Security devices and functions, including firewalls and IDS
    2. Security directives - availability, integrity, and confidentiality
    3. TCP/IP functions, including communications, addressing, CIDR blocks and subnets
    4. Basic tasks and functions of Windows OS
    5. Network devices and functions - hubs, switches, routers, etc.
    6. Possible attack and other abnormal activities - DoS, scans, sniffing, viruses, Trojans, worms, etc.
    7. SIEM terminology - safeguards, risk, threat, exposure, asset, and vulnerability

    Parts of exam topics are:

    1. ESM Overview
    2. Event Schema
    3. Query Viewers
    4. ESM Network Model
    5. Workflows, Cases and Annotations
    6. ArcSight Web
    7. Event Lifecycle
    8. Dashboards and Data Monitors
    9. Rules
    10. Reports

  • Options
    JMonteerJMonteer Registered Users Posts: 2 ■□□□□□□□□□
    I am scheduling an on site instructor for my team. So far it has proved that it will be costly. HP is very proud of thier training. For a class size of 12 they the quote was around $59k, so there is not much difference from the $4k price tag to send a student to the remote class. We do save Per Diem, Airfare, ect... I will update this with my experiences throug out the course. We are planning to take it towards the end of August. With the switch from Retina and integration of AS, this is a very busy time for my staff and I.
  • Options
    LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    I didnt know there is an exam for this, last time the course is bundle with the certs. You will get the certs after completing the course. Quite interesting, I had a friend who is going for the course soon.

    But from the modules, doesn't seems like closely relevant to analyst work. I had been using Arcsight for 4 years doing everything from rules, and in the banking environment we had to reports, integration, dashboards, and even changing the GUI and setting up a robust case handling and smart connector monitoring system for it. We had some fantastic stuff like a pure management report from Arcsight, automatic handover reports, due dates as such.

    The architecture is although, is necessary for the an Arcsight Related analyst, Something probably you had to slog through, but anything front end and security+ should be easy to handle.

    Still, it would require sometime before the cert become in demand.
  • Options
    JMonteerJMonteer Registered Users Posts: 2 ■□□□□□□□□□
    Yes, ArcSight ESM Security Analyst is an proctored certification exam. HP really has thier training on lock down too. I'm trying to compile 3 quotes, but HP only allows one vendor to deal with us. Looks like that 60k for 12 people is not going to be a more palatable for our finance department. Our technology department has a couple HP consultants that perform regular knowledge transfer workshops with our ArcSight administators, so I think we can get by with out having that course.

    We are tranistioning from Retina to ACAS and incorporating ArcSight at the same time. My first impression of tinkering with the management console is that we have a ferarri parked in the garage, but no one knows how to drive a stick. Getting support from HP is not going as smooth as I would like. They dont seem too negotiable.
  • Options
    SephStormSephStorm Member Posts: 1,731 ■■■■■■■□□□
Sign In or Register to comment.