IBM C2150-400

IBM Security QRadar SIEM Implementation v 7.2.1

Free Questions in OTE format

File Date    Q&A   Votes   Size
2016-10-28   142   0/0     591.85 Kb
2016-02-06   64    0/0     468.94 Kb

About IBM C2150-400 dump

- Describe the IBM Security QRadar V7.2 architecture and components.
- Planning the deployment of the IBM Security QRadar V7.2 implementation.
- Implement an IBM Security QRadar V7.2 solution based on customer requirements and environment based on a solution design.
- Use available interfaces to configure and administer the IBM Security QRadar V7.2 environment.
- Perform performance tuning and problem determination for IBM Security QRadar V7.2.

Planning (17%)

  • Comprehension: Describe the different QRadar components that make up a distributed deployment - hardware or virtual machine, flow collector, event processor, etc.
  • Application: Determine the sizing of the overall installation - Scenario. how many devices are needed for the environment, how many events per second, how many flows per interval, geographical locations
  • Comprehension: Plan a high availability installation - determine which hosts to HA
  • Comprehension: Plan the network hierarchy - identify the networks and CIDRs
  • Comprehension: Plan log sources - Plan which log sources to receive logs from
  • Comprehension: Plan for receiving flows - taps, port mirrors / span ports, netflow

Installation (16%)

  • Application: Install software and initial configuration - Scenario. ISO, DVD, USB, recovering an appliance from a USB storage device, set up IP addresses
  • Comprehension: Use a deployment editor to add managed host - Set up encryption, configure off site source
  • Comprehension: Apply licenses - license management
  • Application: Set up auto update - Scenario. DSM, protocols up to date, with or without internet connection
  • Comprehension: Patch software - latest build of QRadar
  • Comprehension: Configure NAT - setting up the public and private IP address of the host
  • Comprehension: Configure HA - adding HA cluster to the host

Configuration (31%)

  • Comprehension: Configure the network hierarchy - Determining local network hierarchy
  • Comprehension: Configure Authentication methods - using local authentication, Active Directory, LDAP, RADIUS, TACACS
  • Application: Configure users - Scenario. security profiles, user roles, users
  • Application: Configure external storage - Scenario. external storage, back up
  • Comprehension: Configure initial system settings - administrative e-mail address, e-mail locale, database settings, etc.
  • Application: Configure log sources - Scenario. WinCollect, log source extensions, log source groups
  • Application: Configure flow sources - Scenario. different types of flow sources, Jflow, Sflow, netflow, PACKETEER, NAPATECH
  • Application: Configure scanners - Scenario. configure different types of scanners and schedules
  • Application: Configure custom properties - Scenario. event and flow custom properties, REGEX
  • Comprehension: Configure back up configuration and data backups
  • Application: Configure retention - Scenario. flows and events, routing rules, retention policies
  • Application: Configuring reference sets - Scenario. Collect user specific data from the payload
  • Application: Configuring event categories - Scenario. Universal DSM, backend scripts

Performance Tuning and Problem Determination (19%)

  • Comprehension: Define host building blocks - server discovery to set up the host definition building blocks
  • Application: Manage Rules and building blocks - Scenario. Custom rules, enable or disable rules, tune building blocks, false positives
  • Comprehension: Respond to system notification for problem determination - Scenario. system performance, hardware problems, dropped events
  • Application: Administer aggregated data management - Scenario. determining issues with report data
  • Application: Set up index management - Scenario. determine properties to index

Administration (17%)

  • Comprehension: Set up report schedules - which reports should be run and on what basis
  • Application: Investigate offenses - Scenario. navigate through offenses, related events and flows, analyze offenses
  • Comprehension: Monitor Network and Log activities - filtering, searching, grouping and sorting, saving searches, creating dashboard widgets from searches, viewing audit logs
  • Comprehension: Asset management and server discovery - vulnerabilities, filtering, searching, grouping, sorting, saving searches on assets, importing, exporting

© 2006 ExamBrainDumps