최신 C1000-026 무료덤프 - IBM Security QRadar SIEM V7.3.2 Fundamental Administration

문제1

After fixing the assets that contributed to the asset growth deviation, an administrator needs to find the asset artifacts that have to be cleaned up.
What action should the administrator take to find the artifacts?

A. On the Admin Tab, select System Configuration --> Asset Profiler Configuration

B. On the Asset tab, run the "Clean Assets" action

C. Run the ./cleanAssets.sh --list command

D. On the "Log Activity" tab, run the "Deviating Asset Growth: Asset Report event search"

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

To comply with specific regulations, an administrator has been requested to increase asset retention to 365 days.
In which QRadar section can the administrator find the asset retention settings?

A. Assets Tab / Asset Retention

B. Admin Tab / Asset Retention

C. Admin Tab / System settings

D. Assets Tab / Retention settings

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

An administrator has been tasked to run all health checks at once using the DrQ command before a major event happens, such as an upgrade.
What does the DrQ command do?

A. It runs all available checks in /opt/ibm/si/diagnostiq and writes the results in a txt file.

B. It runs all available checks in /opt/ibm/si/diagnostiq with the checkup mode and with the summary output mode.

C. It checks all the available drives on the QRadar managed host and writes the results on a txt file.

D. It shows all the available drives on the QRadar managed host.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제4

A company has two different domains in their IBM QRadar system: Domain_A and Domain_B. An administrator has been tasked to create a rule to look only at events that are tagged with Domain_A and ignore rules that are tagged with the other domains.
What domain text should the administrator use to create this rule?

A. domain is: Domain_A

B. is from domain: Domain_A

C. domain is one of: Domain_A

D. from domain: Domain_A

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

A QRadar administrator added High Availability (HA) to the Event Processor and needs to verify the crossover link status between the primary and secondary hosts.
Which commands can be used to verify the crossover status? (Choose two.)

A. /opt/qradar/ha/bin/ha cstate

B. /opt/qradar/ha/bin/getStatus crossover

C. /opt/qradar/ha/bin/ha_getstate.sh

D. cat /proc/drbd

E. /opt/qradar/ha/bin/qradar_nettune.pl crossover status

F. /opt/qradar/ha/bin/qradar_nettune.pl linkaggr <interface> status

정답: D,E

설명: (DumpTOP 회원만 볼 수 있음)

문제6

An administrator wants to have all QRadar apps running on a new App Host that was configured to have dedicated CPU, storage and memory resources for the Apps. Several issues were presented during the installation of the App Host.
To troubleshoot, what should the administrator check?

A. If an IP table entry was already created to allow traffic from the App Host IP

B. If the completion of the /opt/qradar/check_app_host.sh script was successful

C. If port 5000 is opened on the console

D. If IP tables are disabled on the console

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 C1000-026 무료덤프 - IBM Security QRadar SIEM V7.3.2 Fundamental Administration

우리와 연락하기

유용한 링크

최신 업데이트