Weekend Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

C1000-018 Questions and Answers

Note! Following C1000-018 Exam is Retired now. Please select the alternative replacement for your Exam Certification.

C1000-018 Questions and Answers

Question # 6

The administrator had set up several scheduled reports that can be executed by analysts every Monday, and the first day of each month. On Thursday, an executive requests one of the weekly reports.

If the analyst executes the report on Thursday, what information will the report contain?

A.

Data from Thursday from the previous week to Wednesday from the current week

B.

Data from Monday to Wednesday from the current week.

C.

Data from Monday to Thursday from the current week.

D.

Data from Monday to Sunday from the previous week.

Full Access
Question # 7

Which use case type is appropriate for VPN log sources? (Choose two.)

A.

Advanced Persistent Threat (APT)

B.

Insider Threat

C.

Critical Data Protection

D.

Securing the Cloud

Full Access
Question # 8

How does the Custom Rule Engine (CRE) evaluates rules?

A.

It runs stateless tests first, then runs stateful tests and evaluates the result.

B.

It runs tests based on the criticality of the test, running the critical ones first.

C.

It runs rule tests line-by-line in order, and continues while tests are true.

D.

It runs all rule tests at the same time, and evaluates the result after all tests are complete

Full Access
Question # 9

What could be a reason that an Event Rule is not triggering as expected?

A.

It contains stateful tests but is configured to use a Processors CRE Instance instead of the Consoles CRE Instance.

B.

It contains stateless tests but is configured to use the Console's CRE Instance instead of the Processor's CRE Instance.

C.

It contains stateful and stateless tests but is configured to use a Console's CRE Instance instead of the Processor s CRE Instance.

D.

It contains stateless tests but is configured to use the Processors CRE Instance instead of the Console's CRE Instance.

Full Access
Question # 10

An analyst wants to create a report using the report wizard.

What are key elements used by the wizard to create the report?

A.

Report templates, layout, content.

B.

Report templates, layout, saved searches

C.

Layout, container, content

D.

Report templates, user groups, permissions.

Full Access
Question # 11

What is the reason for this system notification?

"Time synchronization to primary or Console has failed"

A.

Deny ntpdate communication on port 423.

B.

Deny ntpdate communication on port 223.

C.

Deny ntpdate communication on port 323.

D.

Deny ntpdate communication on port 123

Full Access
Question # 12

An analyst needs to create a new custom dashboard to view dashboard items that meet a particular requirement.

What are the main steps in the process?

A.

Select New Dashboard and enter unique name, description, add items and save.

B.

Select New Dashboard and copy name, add description, items and save.

C.

Request the administrator to create the custom dashboard with required items.

D.

Locate existing dashboard and modify to include indexed items required and save.

Full Access
Question # 13

How does an analyst view which rule triggered an Offense in the Offense summary page?

A.

Display -> Rules

B.

Actions -> View Rules

C.

Actions -> Display Rules

D.

Display -> Triggered Rules

Full Access
Question # 14

What is required to create an anomaly rule?

A.

triggered events

B.

a grouped saved search

C.

triggered flows

D.

baseline anomalies

Full Access
Question # 15

An analyst is searching for a list of events that meet specific search criteria and wants to display only the source IP and destination IP information for the events.

To get the required information, the analyst can open the Log Activity tab and then:

A.

select the field names,

select the start and end time from the drop down fields in the filters section,

then click search.

B.

click add filter,

select the desired parameters, operators, values and field names,

then click search.

C.

select advanced search.

type the corresponding AQL query,

then click search.

D.

select search,

then new search,

scroll down and select time range, column definitions, the search parameters

then click search.

Full Access