Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home IBM C1000-026

IBM C1000-026 Exam Practice Questions (P. 2)

  • Full Access (60 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #6
Which event routing rule is required to add QRadar Data Store (QDS) capability to a deployment?
  1. A
    Log Only (exclude Analytics)
  2. B
    Delete data When storage space is required
  3. C
    Bypass Correlation
  4. D
    Delete data immediately after the retention period has expired

Correct Answer:
A
Reference:
https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/t_qradar_adm_data_store.html

Question #7
An administrator is seeing the following system notification:
38750057 `" A protocol source configuration may be stopping events from being collected.
What is a valid user action to this issue?
  1. A
    Re-install the QRadar Console
  2. B
    Review the /var/log/qradar.log file for more information
  3. C
    Restart the QRadar Console
  4. D
    Review the /var/log/error.log file for more information

Correct Answer:
D
Reference:
https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.0/com.ibm.qradar.doc/38750057.html

Question #8
An administrator needs to import a list of HR staff logins into a reference set.
Which file type can be used with the import function in the reference set editor window?
  1. A
    xml
  2. B
    csv
  3. C
    xls
  4. D
    json

Correct Answer:
B
Reference:
https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/c_qradar_adm_refdata_ui.html

Question #9
An administrator is about to integrate logs from a custom firewall in a QRadar deployment using syslog. The SIEM has two domains, namely Domain A and
Domain B. While reviewing the following sample logs, the administrator notices a `context` keyword:
May 14 11:05:01 192.168.1.23 20190514 11:05:00 context=contextA permit 192.168.1.24 source: 10.10.1.15; source_port: 64094; destination: 10.10.13.34; service: 53; protocol: udp;
May 13 12:07:01 192.168.1.23 20190513 11:07:00 context=contextB permit 192.168.1.25 source: 10.10.1.15; source_port: 64094; destination: 10.10.13.34; service: 53; protocol: udp;
Which options assign the `contextA` logs to DomainA and the `contextB` logs to domain B? (Choose two.)
  1. A
    Create a single log source, create a ג€Contextג€ custom event property, and assign the log to both domains using a custom rule.
  2. B
    Create two individual log sources by configuring a separated logging instance for each context on the firewall and assign each log source to the correct domain.
  3. C
    Create a single log source, create a ג€Contextג€ custom event property, and assign the log to the correct domain using custom event property value.
  4. D
    Create two individual log sources using the context value as log source identifier and assign each log source to the correct domain.
  5. E
    Create a single log source, create a ג€Contextג€ custom event property, and assign the log to the correct domain using a custom rule.

Correct Answer:
BD

Question #10
An administrator plans to deploy multiple log sources that share a common configuration.
How many log sources can be added at one time?
  1. A
    1000
  2. B
    750
  3. C
    250
  4. D
    500

Correct Answer:
D
Reference:
https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_logsource_bulkadd.html

Previous Questions Next Questions

All Pages