IBM C1000-140 Exam Practice Test Instant Access

Question 1

Where is a QRadar license obtained?

AX-Force Exchange/license app

BIBM Sales Representative

CQRadar Console

DIBMcom/qradar/licenses

Answer : B

Question 2

A QRadar deployment professional designs a multi-tenant environment where each tenant is permitted a quantity of events per second (EPS).

In a discussion with the service provider (who provides the security monitoring services to each tenant), how should the deployment professional describe the licensing options available?

APer-tenant EPS limits can be set, but any events over the EPS will be dropped from the pipeline; over-license buffering will not be used to handle EPS spikes.

BPer-tenant EPS limits can be set if the tenants are defined by event collectors. Then over-license buffering can be used to handle EPS spikes.

CIf each domain and tenant is defined by log source groups, the EPS limit can be shared by the log source groups used for each tenant. Over-license buffering is defined at the event collector.

DThe domain sets EPS limits, so each tenant needs to have only one domain. This way, over-license buffering can be used to handle EPS spikes.

Answer : D

Question 3

In a multidomain and multitenant environment, how is event visibility provided to users?

AAn event is in a domain, a domain is attached to a tenant, and a tenant is referenced in the security profile of the user.

BAn event is allocated to a tenant, a tenant is attached to a domain, and a domain is referenced in the security profile of the user.

CAn event is allocated to a tenant, and a tenant is referenced in the security profile of the user.

DAn event is in a domain, and a domain is referenced in the security profile of the user.

Answer : A

Question 4

A QRadar deployment professional needs to add a managed host to help reduce the load on the QRadar Console.

The managed host should have local storage and also use the QRadar Custom Rule Engine.

Which managed host does the deployment professional add?

AEvent Collector

BApp Host

CDisconnected Log Collector

DEvent Processor

Answer : D

Question 5

Which of these statements is true about network objects?

AA network object can have multiple CIDR ranges assigned to it.

BA network object must have at least one CIDR range per QRadar domain.

CA network object represents a single asset that is connected to a network.

DA network object is a group of assets that are connected to a network.

Answer : C

Question 6

Which IP address is used to log in to the active HA QRadar appliance?

AThe IP address of the QRadar Console

BThe standby IP address

CThe HA backup IP address

DA virtual address for the HA appliance pair

Answer : C

Question 7

Which two passwords does a deployment professional configure when installing QRadar? (Choose two.)

Aadmin

Bsudo

Croot

Dqruser

Eanalyst

Answer : B, C

IBM C1000-140 IBM Security QRadar SIEM V7.4.3 Deployment Exam Practice Test