C1000-055 Questions and Answers

Question # 6

A customer is building a big data solution that aims to perform long-term analysis of security data. Security events that are processed by QRadar are also relevant for the system, and according to the QRadar administrator, the most straightforward option for data ingestion is to configure event forwarding on QRadar. The customer would like to make use of QRadar's parsing capability and its built-in parsers instead of developing new parsers for the big data platform. A deployment professional is asked for advice about the data format to configure for the event forwarding.

Which available option should the deployment professional propose?

A. Normalized

B. Payload

C. XML

D. JSON

Question # 7

A deployment professional needs to find out which rules are generating most of the offenses. What should the deployment professional do? (Choose two)

A. Use search where Log source is Custom Rule Engine-8 :: and choose Grouping by Event Name

B. Offenses -> Rules -> Sort by Offense Count

C. Offenses -> By Category

D. Use search where Log source is Health Metrics-2 :: and choose Grouping by Event Name

E. Generate Report "System Summary"

Question # 8

A deployment professional needs to clear out the Asset Database in IBM QRadar. Which service on the Console is restarted when the script cleanAssetModel.sh is executed?

A. PostgressDB

B. Hostcontext

C. Hostservices

D. Tomcat

Question # 9

A deployment professional has been asked to ensure the system can be integrated with another system which contains lists of IP addresses and CIDR ranges in an automated manner, to allow rules to target specific communication endpoints.

Which part of QRadar is designed to hold and manage this data?

A. Domain Definition

B. Network Hierarchy

C. Asset Profiles

D. Building Blocks
