C1000-026無料問題集「IBM Security QRadar SIEM V7.3.2 Fundamental Administration」

質問 1

An administrator needs to save a search to use it in the dashboards.
To do so, which search feature does the administrator need to select in the "Include in my Dashboard" checkbox?

（A）Filter events of the last 7 days

（B）Filter events of the last 5 minutes

（C）Group by some property

（D）Filter events of the last month

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

An administrator has added a new Event Processor to a QRadar deployment.
How many events per second (EPS) are granted from the temporary license and how many days will those EPS last?

（A）10000 EPS for a 45 day period

（B）5000 EPS for a 45 day period

（C）10000 EPS for a 35 day period

（D）5000 EPS for a 35 day period

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

An administrator enters the QRadar web console into a web browser but does not get a response.
Which process is responsible for the QRadar GUI?

（A）magistrated

（B）consoled

（C）tomcat

（D）guid

正解：C 解答を投票する

質問 4

A company has several appliances and the administrator needs to copy a file to all appliances to run some tests to verify the integrity of the processes. The /opt/qradar/support/all_servers.sh script can be used to issue commands to all QRadar appliances within the deployment.
What option must be used with the script to copy the file to all appliances in the deployment?

（A）/opt/qradar/support/all_servers.sh -C

（B）/opt/qradar/support/all_servers.sh -k

（C）/opt/qradar/support/all_servers.sh -g

（D）/opt/qradar/support/all_servers.sh -p

正解：D 解答を投票する

質問 5

An administrator enabled the base license of QRadar Vulnerability Manager.
How many assets can be scanned using this license?

（A）up to 512

（B）up to 256

（C）up to 100

（D）up to 128

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

An administrator is about to integrate logs from a custom firewall in a QRadar deployment using syslog. The SIEM has two domains, namely Domain A and Domain B.
While reviewing the following sample logs, the administrator notices a "context" keyword:
May 14 11:05:01 192.168.1.23 20190514 11:05:00 context=contextA permit 192.168.1.24 source:
10.10.1.15; source_port: 64094; destination: 10.10.13.34; service: 53; protocol: udp; May 13 12:07:01 192.168.1.23 20190513 11:07:00 context=contextB permit 192.168.1.25 source:
10.10.1.15; source_port: 64094; destination: 10.10.13.34; service: 53; protocol: udp; Which options assign the "contextA" logs to DomainA and the "contextB" logs to domain B? (Choose two.)

（A）Create a single log source, create a "Context" custom event property, and assign the log to the correct domain using a custom rule.

（B）Create two individual log sources by configuring a separated logging instance for each context on the firewall and assign each log source to the correct domain.

（C）Create a single log source, create a "Context" custom event property, and assign the log to both domains using a custom rule.

（D）Create two individual log sources using the context value as log source identifier and assign each log source to the correct domain.

（E）Create a single log source, create a "Context" custom event property, and assign the log to the correct domain using custom event property value.

正解：B、D 解答を投票する

C1000-026 無料問題集「IBM Security QRadar SIEM V7.3.2 Fundamental Administration」

弊社を連絡する

関連リンク

トップ試験