C1000-018 IBM QRadar SIEM V7.3.2 Fundamental Analysis

Showing 1–3 of 9 questions

Question 1

Which are the supported protocol configurations for Check Point integration with QRadar? (Choose two.)

  • CHECKPOINT REST API

  • SYSLOG

  • JDBC

  • SFTP

  • OPSEC/LEA

Question 2

When an analyst sees the system notification “The appliance exceeded the EPS or FPM allocation within the last hour”, how does the analyst resolve this issue? (Choose two.)

  • Delete the volume of events and flows received in the last hour.

  • Adjust the license pool allocations to increase the EPS and FPM capacity for the appliance.

  • Tune the system to reduce the volume of events and flows that enter the event pipeline.

  • Adjust the resource pool allocations to increase the EPS and FPM capacity for the appliance.

  • Tune the system to reduce the time window from 60 minutes to 30 minutes.

Question 3

What information is displayed in the default “Log Activity” page? (Choose two.)

  • QID

  • Protocol

  • Qmap

  • Log Source

  • Event Name