Free C1000-026 Exam Braindumps (page: 4)

An administrator is about to integrate logs from a custom firewall in a QRadar deployment using syslog. The SIEM has two domains, namely Domain A and Domain B. While reviewing the following sample logs, the administrator notices a “context” keyword:

May 14 11:05:01 192.168.1.23 20190514 11:05:00 context=contextA permit 192.168.1.24 source: 10.10.1.15; source_port: 64094; destination: 10.10.13.34; service: 53; protocol: udp;

May 13 12:07:01 192.168.1.23 20190513 11:07:00 context=contextB permit 192.168.1.25 source: 10.10.1.15; source_port: 64094; destination: 10.10.13.34; service: 53; protocol: udp;

Which options assign the “contextA” logs to Domain A and the “contextB” logs to Domain B? (Choose two.)

  A. Create a single log source, create a “Context” custom event property, and assign the log to both domains using a custom rule.
  B. Create two individual log sources by configuring a separate logging instance for each context on the firewall and assign each log source to the correct domain.
  C. Create a single log source, create a “Context” custom event property, and assign the log to the correct domain using the custom event property value.
  D. Create two individual log sources using the context value as the log source identifier and assign each log source to the correct domain.
  E. Create a single log source, create a “Context” custom event property, and assign the log to the correct domain using a custom rule.

Answer(s): B,D



An administrator plans to deploy multiple log sources that share a common configuration. How many log sources can be added at one time?

  A. 1000
  B. 750
  C. 250
  D. 500

Answer(s): D


Reference:

https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/t_logsource_bulkadd.html



An administrator needs to add the following networks to a QRadar network hierarchy as a single Classless Inter-Domain Routing (CIDR) range:

192.168.64.0/24
192.168.65.0/24
192.168.66.0/24
192.168.67.0/24

What is the correct supernet for these subnets?

  A. Network 192.168.66.0 with subnet mask 255.255.252.0
  B. Network 192.168.64.0 with subnet mask 255.255.252.0
  C. Network 192.168.64.0 with subnet mask 255.255.255.0
  D. Network 192.168.66.0 with subnet mask 255.255.252.0

Answer(s): C



Due to regulatory constraints, an administrator must increase the minimum password length and complexity. In which QRadar section can the administrator change this setting?

  A. Admin / System settings
  B. Admin / Password policy
  C. Admin / Security profiles
  D. Admin / Authentication

Answer(s): B


Reference:

https://www.ibm.com/support/knowledgecenter/en/SSHLHV_5.4.0/com.ibm.alps.doc/tasks/alps_configuring_admin_settings.htm

