IBM Security QRadar SIEM V7.3.2 Fundamental Administration C1000-026 Exam Questions

Page: 1 / 14
Total 60 questions
Question 1

What happens if QRadar receives events at a higher rate than the license allows?



Answer : A


Question 2

An administrator needs to know if a custom rule is being correlated correctly.

Which QRadar component is responsible for this process?



Answer : D


Question 3

An administrator logs into the QRadar Console to review the stored backup files. There is an exclamation

mark beside some files.

What is the cause of this?



Answer : B


Question 4

A QRadar upgrade is planned and a maintenance window is scheduled. The administrator must stage the

FIXPACK from IBM Fix Central.

Which QRadar FIXPACK file type must the administrator download?



Answer : C


20Security&product=ibm/Other+software/IBM+QRadar+Network

+Insights&release=7.3.0&platform=Linux&function=all

Question 5

An administrator would like to extend the functionality of QRadar using an external application.

Which file format is supported to successfully upload an application from the QRadar Console?



Answer : A


b_qradar_appframework_devguide.pdf

Question 6

To comply with specific regulations, an administrator has been requested to increase asset retention to 365 days.

In which QRadar section can the administrator find the asset retention settings?



Answer : C


t_qradar_adm_asset_tuning_ip_retention.html

Question 7

An administrator plans to deploy multiple log sources that share a common configuration.

How many log sources can be added at one time?



Answer : D


t_logsource_bulkadd.html

Page:    1 / 14   
Total 60 questions