IBM C1000-055 Exam Practice Test Instant Access

Question 1

A deployment professional needs to install a new QRadar application downloaded from the IBM Security App Exchange.

Which option would the deployment professional select from the QRadar Console GUI under Admin: System Configuration to install the downloaded application?

ACustomization Management.

BApplication Management.

CExtensions Management.

DContent Management.

Answer : D

Question 2

During an initial deployment, three retention buckets (longret, midret. testret) were configured with the following characteristics, being (X) the number of the bucket:

longret (1): keep data in this bucket for 2 years. Delete when storage is needed.

midret (2): keep data in this bucket for 6 months. Delete when storage is needed.

testret (3): keep data in this bucket for 3 days. Delete immediately after expiration.

Default (0) retention bucket has a 3 months / delete immediately policy.

During testing last week, a significant amount of test data has been mistakenly categorized as "longret". This bucket does not contain any other important information. Everything else, including some important data, has been saved into the default bucket. How can the deployment professional remove all data stored in the "longret" bucket?

AManually delete old data from last week by issuing a rm * on /store/ariel/events/payloads/ and /store/ariel/events/records/ and select the directories containing events from the last week

BChange the longret bucket period to 10 days and deploy the changes.

CChange the system's time to 2 years in the future and wait until deletion has been made and then go back to the real system's time.

DManually delete the files ending by -1 from /store/ariel/events/payloads/ and /store/ariel/events/records/

Answer : B

Question 3

A deployment professional configures QRadar auto-update with the automatic install option for all update types where automatic install is available.

Assuming all auto-update installations are successful, which update types will need manual installation?

AMajor updates, scanner and protocol updates

BConfiguration updates and WinCollect updates

CApplication updates and major updates

DApplication updates, DSM, scanner and protocol updates

Answer : D

Question 4

A deployment professional configures domain definitions for events in a multi-tenant QRadar environment. The domain assignments for tenants, flows, VA scanners, reference data, network hierarchy items are already configured.

Which is the order of precedence between the incoming event's attributes when evaluating its domain assignment?

ACustom Properties, Network Hierarchy, Log Source, Event Collector

BTenant, Log Source, Network Hierarchy, Log Source Group

CTenant, Network Hierarchy. Log Source, Event Collector

DCustom Properties, Log Source, Log Source Group. Event Collector

Answer : C

Question 5

A deployment professional needs to ensure that in high-security unidirectional networks (also known as data diodes), logs are collected from different log sources.

Which option should the deployment professional use?

AAn IBM QRadar Packet Capture solution

BAn IBM QRadar Data Node

CA Disconnected Log Collector of IBM QRadar

DAn IBM QRadar Event Processor

Answer : A

Question 6

A company is currently using 2500 EPS (events per second). A deployment professional is required to plan for a large reorganization project within the company that would increase the EPS to 7500 for 5 months.

What type of licensing should the deployment professional choose?

Aprogressive

Bcumulative

Cphased

Dincremental

Answer : C

Question 7

A deployment professional has been asked to create some Reference Data to be used to provide additional information in the results of Ariel Query Language (AQL) queries. The data will enable a lookup that finds the users's Department based on the username which will be returned by the required AQL function when looked up in the reference data.

Which Reference Data should the deployment professional create for this purpose?

AReference Map

BReference Map of Tables

CReference Set

DReference Map of Sets

Answer : D

IBM QRadar SIEM V7.3.2 Deployment C1000-055 Exam Practice Test