C1000-055 Questions and Answers

Question # 6

A deployment professional has been asked to ensure the system can be integrated with another system which contains lists of IP addresses and CIDR ranges in an automated manner, to allow rules to target specific communication endpoints.

Which part of QRadar is designed to hold and manage this data?

A. Domain Definition

B. Network Hierarchy

C. Asset Profiles

D. Building Blocks

Question # 7

QRadar is configured to periodically update an IP address list from a third-party threat intelligence provider using the Threat Intelligence app. The IP address data is used in a CRE rule to create an offense whenever a connection attempt toward any IP address on the list is seen.

Which QRadar component stores the collected IP address data?

A. Building Block

B. X-Force Threat Feed

C. Reference Set

D. Custom Rule

Question # 8

A customer is building a big data solution that aims to perform long-term analysis of security data. Security events that are processed by QRadar are also relevant for the system, and according to the QRadar administrator the most straightforward option for data ingestion is to configure event forwarding on QRadar. The customer would like to make use of QRadar's parsing capability and its built-in parsers instead of developing new parsers for the big data platform. A deployment professional is asked for advice about the data format to configure for the event forwarding.

Which available option should the deployment professional propose?

A. Normalized

B. Payload

C. XML

D. JSON

Question # 9

A customer needs to increase the storage space that is available to an Event Processor and be able to speed up historical searches.

Which solution should the deployment professional recommend?

A. Connect a Data Node to the Event Processor

B. Add an Event Collector to the Event Processor

C. Connect additional External Storage to the Event Processor

D. Expand the storage space on the Event Processor using LVM
