Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home IBM C1000-018

IBM C1000-018 Exam Practice Questions (P. 3)

  • Full Access (60 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #11
An analyst needs to create a new custom dashboard to view dashboard items that meet a particular requirement.
What are the main steps in the process?
  1. A
    Select New Dashboard and enter unique name, description, add items and save.
  2. B
    Select New Dashboard and copy name, add description, items and save.
  3. C
    Request the administrator to create the custom dashboard with required items.
  4. D
    Locate existing dashboard and modify to include indexed items required and save.

Correct Answer:
C

Question #12
What event information within an offense would provide the analyst with a deep insight as to how it was created?
  1. A
    Event Category
  2. B
    Event QID
  3. C
    Event Payload
  4. D
    Event Magnitude

Correct Answer:
D

Question #13
How can analyst verify if any host in the deployment is vulnerable to CVE ID: CVE-2010-000?
  1. A
    Use the asset search feature, select vulnerability external reference from the list of search parameters, select CVE and then type: 2010-000
  2. B
    Use the asset search feature, select vulnerability external reference from the list of search parameters, select CVE and then type: $CVE-2010000
  3. C
    Use the asset search feature, select vulnerability external reference from the list of search parameters, select CVE and then type: $2010-000
  4. D
    Use the asset search feature, select vulnerability external reference from the list of search parameters, select CVE and then type: CVE-2010000

Correct Answer:
A

Question #14
An analyst investigates an Offense that will need more research to outline what has occurred. The analyst marks a ‘Follow up’ flag on the Offense.
What happens to the Offense after it is tagged with a ‘Follow up’ flag?
  1. A
    Only the analyst issuing the follow up flag can now close the Offense.
  2. B
    New events or flows will not be applied to the Offense.
  3. C
    A flag icon is displayed for the Offense in the Offense view.
  4. D
    Other analysts in QRadar get an email to look at the Offense.

Correct Answer:
C

Question #15
An analyst noticed that from a particular subnet (203.0.113.0/24), all IP addresses are simultaneously trying to reach out to the company’s publicly hosted FTP server.
The analyst also noticed that this activity has resulted in a Type B Superflow on the Network Activity tab.
Under which category, should the analyst report this issue to the security administrator?
  1. A
    Syn Flood
  2. B
    Port Scan
  3. C
    Network Scan
  4. D
    DDoS

Correct Answer:
A

Previous Questions Next Questions

All Pages