Which type of property must the administrator create?
An administrator needs to extract a property from an intrusion detection system (IDS) log. Using a regular expression, the administrator wants to extract a specific part of the log showing the matching “policy ID” of the IDS. Which type of property must the administrator create?
A. Custom event property
B ....
How many default dashboards does QRadar have?
A. 4
B. 5
C. 7
D. 6
Answer: B
Reference: https://www.ibm.com/support/knowledgecenter/SS42VS_7.3.0/com.ibm.qradar.doc/c_qradar_customize_dboard.html
Which command can the administrator use to accomplish this?
An administrator has to change the system hardware clock of the QRadar server. The administrator has already restarted the main services (hostservices, tomcat, hostcontext) and needs to synchronize the QRadar Console time with the QRadar managed hosts. Which command can the administrator use to accomplish this?
A. /opt/qradar/support/all_servers.sh systemctl restart...
Which EVPN route type would be used in a DCI situation in which the IP subnets between data centers are completely unique?
A. Type 2
B. Type 3
C. Type 4
D. Type 5
Answer: D
Which of the following dashboards is a QRadar default Dashboard?
A. Compliance and Reporting Monitoring
B. Vulnerability Overview
C. Monitoring Overview
D. Threat and Security Monitoring
Answer: D
Reference: https://www.ibm.com/support/knowledgecenter/en/SS42VS_7.3.2/com.ibm.qradar.doc/c_qrm_default_dboard.html
Which command should the administrator use?
An administrator needs to collect logs from the Command Line Interface (CLI). Which command should the administrator use?
A. /opt/bin/qradar/support/get_logs.sh
B. /opt/support/get_logs.sh
C. /opt/support/qradar/get_logs.sh
D. /opt/qradar/support/get_logs.sh
Answer: D
Reference: https://www.ibm.com/support/pages/getting-help-what-information-should-be-submitted-qradarservice-request
When does this message appear?
A QRadar user reported the following notification:
38750099 - The accumulator was unable to aggregate all events/flows for this interval
When does this message appear?
A. When the aggregate data view configuration that is in memory is unable to write data to the database
B. When the system is unable...
How many log sources can be added at one time?
An administrator plans to deploy multiple log sources that share a common configuration. How many log sources can be added at one time?
A. 1000
B. 750
C. 250
D. 500
Answer: D
Reference: https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_logsource_bulkadd.html
How many events per second (EPS) are granted from the temporary license and how many days will those EPS last?
An administrator has added a new Event Processor to a QRadar deployment. How many events per second (EPS) are granted from the temporary license and how many days will those EPS last?
A. 10000 EPS for a 35 day period
B. 5000 EPS for a 45 day period
C. 10000...