This access degree certification is meant for directors who can show primary help and technical understanding of IBM Security QRadar SIEM V7.3.2, which includes implementation and control of an IBM Security QRadar SIEM V7.3.2 solution.
Overall, those directors are acquainted with product capability and the safety policies. They plan, deployation, configure, implement, deploy, migrate, improve, reveal and troubleshoot the IBM Security QRadar SIEM V7.3.2 software.
Note: The feature of unique apps, other than the 2 bundled with the product, is out of scope, however the idea of extending the functionality of the use of apps is in scope.
Basic understanding in:
Basic Query Language
System structure layout
Exam C1000-026: IBM Security QRadar SIEM V7.3.2 Fundamental Administration
The take a look at:
incorporates questions requiring unmarried and a couple of solutions. For a couple of-solution questions, you want to pick all required alternatives to get the solution correct. You may be cautioned what number of alternatives make up the best solution.
is designed to offer diagnostic comments at the Examination Score Report, correlating again to the take a look at objectives, informing the take a look at taker how she or he did on every segment of the take a look at. As a result, to preserve the integrity of every take a look at, questions and solutions aren’t distributed.
Please observe this examination has been withdrawn
The take a look at includes five sections containing a complete of about 60 a couple of-desire questions. The possibilities after every segment identify mirror the approximate distribution of the entire query set throughout the sections.
Number of questions: 60
Number of inquiries to pass: 40
Time allowed: 90 minutes
Section 1: Implementing8%
Plan and layout QRadar deployment.
Implement and deployation QRadar.
Add Managed Hosts.
Section 2: Migrating and upgrading12%
Plan QRadar improve and migration.
Review documentation and launch notes.
Perform QRadar updates, patches and upgrades.
Perform migration (e.g., backup and restore, import and export content material).
Section 3: Configuring and administering tasks42%
Configure occasion waft reassets and custom properties.
Maintain configuration and facts backups.
Create and administer users, person roles, and safety profiles.
Manage the license according to allocation.
Create, evaluate and adjust rules, constructing blocks and reference sets.
Configure and manipulate retention policies (i.e., facts and assets).
Create and manipulate stored searches, index, worldwide views, dashboards and reports.
Deploy and manipulate packages and content material packages.
Configure worldwide device notifications.
Configure and practice community hierarchy.
Configure and manipulate area and tenants.
Use the asset database.
Schedule and run a VA scan.
Section 4: Monitoring25%
Monitor QRadar Notifications and mistakess messages.
Review and interpret device tracking dashboards.
Verify QRadar approaches and offerings.
Monitor QRadar performance.
Use apps and gear for tracking (e.g., QDI, assistant app, incident overview, DrQ).
Check device upkeep and fitness of appliances.
Monitor offenses and hit upon anomalies.
Section five: Troubleshooting demonstrate understanding of key instructions to interpret QRadar offerings and approaches.
Explain mistakess messages and notifications.
Interpret the primary logs (e.g., qradar.mistakess, qradar.log).
Use embedded troubleshooting gear and scripts