Download IBM Security QRadar SIEM V7.3.2 Fundamental Administration.C1000-026.BrainDumps.2019-12-05.36q.vcex
| Vendor: | IBM |
| Exam Code: | C1000-026 |
| Exam Name: | IBM Security QRadar SIEM V7.3.2 Fundamental Administration |
| Date: | Dec 05, 2019 |
| File Size: | 26 KB |
How to open VCEX files?
Files with VCEX extension can be opened by ProfExam Simulator.
Discount: 20%
Demo Questions
Question 1
An administrator needs to collect logs from the Command Line Interface (CLI).
Which command should the administrator use?
- /opt/bin/qradar/support/get_logs.sh
- /opt/support/get_logs.sh
- /opt/support/qradar/get_logs.sh
- /opt/qradar/support/get_logs.sh
Correct answer: D
Explanation:
Reference: https://www.ibm.com/support/pages/getting-help-what-information-should-be-submitted-qradar-service-request Reference: https://www.ibm.com/support/pages/getting-help-what-information-should-be-submitted-qradar-service-request
Question 2
A QRadar administrator added High Availability (HA) to the Event Processor and needs to verify the crossover link status between the primary and secondary hosts.
Which commands can be used to verify the crossover status? (Choose two.)
- /opt/qradar/ha/bin/ha_getstate.sh
- /opt/qradar/ha/bin/getStatus crossover
- /opt/qradar/ha/bin/qradar_nettune.pl crossover status
- /opt/qradar/ha/bin/qradar_nettune.pl linkaggr <interface> status
- /opt/qradar/ha/bin/ha cstate
- cat /proc/drbd
Correct answer: CF
Explanation:
Reference: https://www.ibm.com/developerworks/community/forums/html/topic?id=5c01c198-016d-461b-a648-a87cdc445768 Reference: https://www.ibm.com/developerworks/community/forums/html/topic?id=5c01c198-016d-461b-a648-a87cdc445768
Question 3
Which event routing rule is required to add QRadar Data Store (QDS) capability to a deployment?
- Log Only (exclude Analytics)
- Delete data When storage space is required
- Bypass Correlation
- Delete data immediately after the retention period has expired
Correct answer: A
Explanation:
Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/t_qradar_adm_data_store.html Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/t_qradar_adm_data_store.html
Question 4
An administrator is seeing the following system notification:
38750057 – A protocol source configuration may be stopping events from being collected.
What is a valid user action to this issue?
- Re-install the QRadar Console
- Review the /var/log/qradar.log file for more information
- Restart the QRadar Console
- Review the /var/log/error.log file for more information
Correct answer: D
Explanation:
Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.0/com.ibm.qradar.doc/38750057.html Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.0/com.ibm.qradar.doc/38750057.html
Question 5
An administrator needs to import a list of HR staff logins into a reference set.
Which file type can be used with the import function in the reference set editor window?
- xml
- csv
- xls
- json
Correct answer: B
Explanation:
Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/c_qradar_adm_refdata_ui.html Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/c_qradar_adm_refdata_ui.html
Question 6
An administrator plans to deploy multiple log sources that share a common configuration.
How many log sources can be added at one time?
- 1000
- 750
- 250
- 500
Correct answer: D
Explanation:
Reference: https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_logsource_bulkadd.html Reference: https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_logsource_bulkadd.html
Question 7
An administrator needs to add the following networks to a QRadar network hierarchy as a single Classless Inter-Domain Routin (CIDR) range:
192.168.64.0/24
192.168.65.0/24
192.168.66.0/24
192.168.67.0/24
What is the correct supernet for these subnets?
- Network 192.168.66.0 with subnet mask 255.255.252.0
- Network 192.168.64.0 with subnet mask 255.255.252.0
- Network 192.168.64.0 with subnet mask 255.255.255.0
- Network 192.168.66.0 with subnet mask 255.255.252.0
Correct answer: C
Question 8
Due to regulatory constraints, an administrator must increase the minimum password length and complexity.
In which QRadar section can the administrator change this setting?
- Admin / System settings
- Admin / Password policy
- Admin / Security profiles
- Admin / Authentication
Correct answer: B
Explanation:
Reference: https://www.ibm.com/support/knowledgecenter/en/SSHLHV_5.4.0/com.ibm.alps.doc/tasks/alps_configuring_admin_settings.htm Reference: https://www.ibm.com/support/knowledgecenter/en/SSHLHV_5.4.0/com.ibm.alps.doc/tasks/alps_configuring_admin_settings.htm
Question 9
Which log should be reviewed to determine the reasons a patch installer did not proceed during a QRadar upgrade?
- /var/log/qradar.audit
- /var/log/qradar.log
- /var/log/setup-*/patches.log
- /var/log/upgrade.log
Correct answer: C
Explanation:
Reference: https://www.ibm.com/support/pages/qradar-unable-run-patch-installer-and-update-exits-screen-terminating-message Reference: https://www.ibm.com/support/pages/qradar-unable-run-patch-installer-and-update-exits-screen-terminating-message
Question 10
An administrator has added a new Event Processor to a QRadar deployment.
How many events per second (EPS) are granted from the temporary license and how many days will those EPS last?
- 10000 EPS for a 35 day period
- 5000 EPS for a 45 day period
- 10000 EPS for a 45 day period
- 5000 EPS for a 35 day period
Correct answer: D
Explanation:
Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.0/com.ibm.qradar.doc/c_qradar_adm_license_mgmt.html Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.0/com.ibm.qradar.doc/c_qradar_adm_license_mgmt.html
HOW TO OPEN VCE FILES
Use VCE Exam Simulator to open VCE files
HOW TO OPEN VCEX AND EXAM FILES
Use ProfExam Simulator to open VCEX and EXAM files
ProfExam at a 20% markdown
You have the opportunity to purchase ProfExam at a 20% reduced price
Get Now!