최신 C1000-026 무료덤프 - IBM Security QRadar SIEM V7.3.2 Fundamental Administration

문제1

An administrator receives an expensive custom rule notification.
Which tool can now be enabled via the Advanced 'System Settings' - Custom Rule Settings to help troubleshoot this?

A. Offense Analysis

B. Performance Analysis

C. Custom Rule Analysis

D. Rule Analysis

정답: C

문제2

An administrator logs in to the Offenses tab and finds a large number of new Offenses that need action.
What column in the list of Offenses should the administrator use to prioritize them?

A. Magnitude

B. Last Event/Flow

C. Offense Type

D. Source IPs

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

A company has two different domains in their IBM QRadar system: Domain_A and Domain_B. An administrator has been tasked to create a rule to look only at events that are tagged with Domain_A and ignore rules that are tagged with the other domains.
What domain text should the administrator use to create this rule?

A. domain is: Domain_A

B. is from domain: Domain_A

C. domain is one of: Domain_A

D. from domain: Domain_A

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제4

An administrator needs to add, delete and modify user accounts.
When deleting a user, what dependency checks are carried out?

A. Custom Rules, Historical Correlation Profiles, Security Profiles

B. Custom Rules, Report and Search Criteria, Historical Correlation Profiles

C. Custom Rules, Report and Search Criteria, Security Roles

D. Custom Rules, Security Profiles, Report and Search Criteria

정답: B

문제5

An administrator has to change the system hardware clock of the QRadar server. The administrator has already restarted the main services (hostservices, tomcat, hostcontext) and needs to synchronize the QRadar Console time with the QRadar managed hosts.
Which command can the administrator use to accomplish this?

A. /opt/qradar/support/all_servers.sh systemctl restart systemd-timedated.service

B. /sbin/hwclock -systohc /opt/qradar/bin/time_sync.sh

C. /opt/qradar/support/all_servers.sh service ntpd restart

D. /opt/qradar/support/all_servers.sh /opt/qradar/bin/time_sync.sh

정답: D

문제6

An administrator is tasked to reduce data volumes in the asset database and reduce stale data contributing to asset growth deviation.
How can the administrator tune the configuration of the Asset Profiler?

A. In the System Configuration section of the Admin, access the Asset Profile Configuration and increase the retention values for the Asset Profiler Retention Configuration and Save. Next, deploy the changes into the environment for the updates to take effect.

B. In the System Configuration section of the Admin, access the Asset Profile Configuration and reduce the retention values for the Asset Profiler Retention Configuration and Save. Next, deploy the changes into the environment for the updates to take effect.

C. In the System Configuration section of the Admin, access the Asset Profile Configuration and increase the retention values for the Asset Profiler Retention Configuration and Save. On the navigation menu, click Admin and from the Advanced menu, click Restart Event Collection Services. Next, deploy the changes into the environment for the updates to take effect.

D. On the navigation menu, click Admin, click the Asset Profile Configuration and reduce the retention values for the Asset Profiler Retention Configuration and Save. On the navigation menu, click Admin and from the Advanced menu, click Restart Event Collection Services. Next, deploy the changes into the environment for the updates to take effect.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

최신 C1000-026 무료덤프 - IBM Security QRadar SIEM V7.3.2 Fundamental Administration

우리와 연락하기

유용한 링크

최신 업데이트