IBM C1000-140 Exam Practice Test Instant Access

Question 1

A company plans to collect event data from two remote sites that have slow WAN links. These remote sites do not generate many events per second. The company's deployment professional wants to deploy a system that can use EPS limiters to send events to the Event Processor to overcome WAN limitations.

What type of appliance can be used to meet this requirement?

APacket Capture appliance

BData Gateway

CFlow Collector

DDisconnected Log Collector

Answer : C

Question 2

Which statement about the Extensions Management tool in QRadar is true?

AThe Extensions Management tool can be used to add a log source.

BThe Extensions Management tool cannot be used to export content out of QRadar.

CQRadar can be updated by using the Extensions Management tool.

DCSV extensions can be imported into QRadar.

Answer : D

Question 3

Which additional license is required to use the Am I Affected scan in the IBM Security QRadar Threat Intelligence app?

AIBM Security QRadar Console license

BIBM Security QRadar QVM license

CIBM Watson license

DIBM Advanced Threat Protection Feed license

Answer : C

Question 4

What must be created before the Use Case Manager app can be used?

AAuthorized Service Token

BSecurity Profile

CCustom DSM

DUser roles

Answer : C

Question 5

What approach does QRadar take when it imposes EPS license (not hardware) limits on events that temporarily spike above that limit?

AExcessive events in a spike cause a System Notification that advises the customer to increase their EPS license allocation.

BQRadar EPS license allocation is implemented with a hard cutoff to ensure resources are not saturated.

CDuring the spike, excess events are written to a queue, and they are processed after the EPS rate drops.

DQRadar EPS licensing is measured as an average over a 24-hour period, which allows spikes to be handled gracefully.

Answer : D

Question 6

On an App Host, to reload an SSL certificate, which service needs to be restarted?

Atomcat

Bdocker

Chttpd

Decs-ec-ingress

Answer : C

Question 7

Which app can be used to find the state (active, standby, offline, or unknown) of each appliance, the number of notifications for each host, the host name and appliance type, disk usage, status, and time changed?

AQRadar Operations

BQRadar Deployment Monitoring

CQRadar Performance Assistant

DQRadar Deployment Intelligence

Answer : C

IBM C1000-140 IBM Security QRadar SIEM V7.4.3 Deployment Exam Practice Test