C1000-140無料問題集「IBM Security QRadar SIEM V7.4.3 Deployment」

質問 1

Which type of network hierarchy can be configured in QRadar?

（A）/24 range of IP addresses

（B）Any range of IP addresses

（C）IPv6 only

（D）IPv4 only

正解：B 解答を投票する

質問 2

What is an approach to tuning a "noisy" rule, that is, a rule that generates too many offenses?

（A）Use the QRadar Pulse app to map noisy offense output.

（B）Determine whether the rule matches too many conditions in the traffic.

（C）In the offense output, scroll down and review the "Excessive" flags.

（D）Confirm that the rule is enabled.

正解：B 解答を投票する

質問 3

Which of these items forwards data to a QRadar Packet Capture appliance?

（A）QRadar SIEM All-in-One 3199

（B）QRadar Flow Collector 1310

（C）QRadar Network Insights Core appliance 1910

（D）QRadar Event Collector 1501

正解：A 解答を投票する

質問 4

While a search runs on the Network Activity tab, the direction of a set of flows is seen as R2R. The source IP of this set of flows is an internal email server.
What does this situation suggest about the QRadar configuration?

（A）QRadar might be having performance issues.

（B）The email server is offline or down.

（C）The email server is not included in the network hierarchy.

（D）The flow pipeline is choked because of high incoming flows.

正解：C 解答を投票する

質問 5

A QRadar deployment professional was asked to plan a system migration from an on-premises, appliance-based environment to an AWS environment. As part of this transition, the Ariel data must be moved to the new logical appliances and must be searchable by using the existing mechanisms (for example, to filter by log source).
Which approach can the deployment professional use to migrate the configuration after the VM is built (and before the Ariel data is restored)?

（A）Use the QRadar configuration backup and restore process to transfer all configurations

（B）Use rsync to transfer the contents of the /store partition to the new system

（C）Export the security content with CMT and import using the REST-API

（D）Use the Content Management Tool (CMT) to transfer the security configuration

正解：C 解答を投票する

質問 6

Where can a deployment professional find updates to DSMs?

（A）QRadar on Cloud website

（B）The QRadar Admin console

（C）Fix Central

（D）The Log Source Management app

正解：A 解答を投票する

C1000-140 無料問題集「IBM Security QRadar SIEM V7.4.3 Deployment」

弊社を連絡する

関連リンク

トップ試験