Free C1000-055 Exam Braindumps (page: 2)


A client uses the IBM Security QRadar Vulnerability Manager to discover vulnerabilities on the network devices, applications, and software. They run the QRadar Vulnerability Manager from an All-in-one system, where the scanning and processing functions are on the Console. As the client's QRadar deployment is growing, they are also considering deploying scanners.
What is a valid client motivation for deploying additional scanners?

  A. To scan an asset in the same geographic region as the QRadar Vulnerability Manager processor.
  B. To patch assets for their vulnerabilities.
  C. To avoid scanning through a firewall that is a log source.
  D. To find more vulnerabilities on a given system.

Answer(s): D



A deployment professional found the System Activity Reporting (SAR) notification alert "Performance degradation was detected in the event pipeline. Expensive DSM extensions were found". The creation dates under Log Sources show that a new DSM was installed by another team member today.
To troubleshoot this issue, what steps can the deployment professional take? (Choose two)

  A. Review the debug file /var/log/qradar.dsm.debug
  B. Review the payload of the notification to determine which expensive DSM extension in the pipeline affects performance.
  C. Ensure that the log source extension is applied to all of the log sources.
  D. Run the DSM Editor and select Optimize over DSM payload to correct this error.
  E. Order your log source parsers from the log sources with the most sent events to the least and disable unused parsers.

Answer(s): B



A customer is building a big data solution that aims to perform long-term analysis of security data. Security events that are processed by QRadar are also relevant for the system, and according to the QRadar administrator, the most straightforward option for data ingestion is to configure event forwarding on QRadar. The customer would like to make use of QRadar's parsing capability and its built-in parsers instead of developing new parsers for the big data platform. A deployment professional is asked for advice about the data format to configure for the event forwarding.
Which available option should the deployment professional propose?

  A. Normalized
  B. Payload
  C. XML
  D. JSON

Answer(s): A



A deployment professional decides to improve visibility in the network and successfully installs the Flow Collector.
What should the deployment professional connect the Flow Collector to?

  A. WAN port
  B. SPAN port
  C. LAN port
  D. SAN port

Answer(s): B





