Started on Wednesday, October 11, 2023, 7:40 AM

State Finished
Completed on Wednesday, October 11, 2023, 7:49 AM Back Next

Time taken 8 mins 27 secs

Feedback Congratulations, you passed the quiz!

Question 1 You are at the client site and must deploy two QRadar SIEM 1505 appliances. What role
Correct do those two appliances have in the QRadar deployment?

Points out of
Event processor
1.00
Flow collectors
Flow processor
Event collectors 

Question 2 Before you start deployment project of IBM products for a client, what should you first
Correct verify with the client?

Points out of 
Is the statement of work signed?
1.00
Did you shared architecture design document with the client?
Are the architectural decisions developed?
Does the client have project team?

Question 3 IBM is working on the QRadar SIEM deployment statement of work (SOW). Select what
Correct elements should be built into SOW to address tuning the QRadar SIEM.

Points out of
AQL search, PULSE dashboards, and QRadar user activity
1.00
Network hierarchy, indexing, and offense investigation
Custom log source, DMS Editor, and custom properties
Network hierarchy, indexing, and rule tuning 
Question 4 What is the name of QRadar component which enforces licenses limit on the QRadar
Correct Flow Collector.

Points out of 
aggregator Back Next
1.00
ariel
magistrate
overflow filter

Question 5 In QRadar SIEM Deployment, which app can help you to manage installed QRadar apps
Correct and content extensions?

Points out of 
Assistant app
1.00
PULE app
Use Case Manager App
App Host

Question 6 When performing installation and configuration of the IBM product, why is important to
Incorrect follow the official documentation.

Points out of
To maintain IBM Support contract
1.00
To avoid project scope creep
To get the best performances of the product 

To avoid running into product defects

Question 7 You are working with the client on the QRadar architecture design. You are proposing
Correct additional hardware as a combined Event/Flow processor appliance. What appliance
model should client purchase from IBM?
Points out of
1.00
4048
1605
1848-C 

1729
Question 8 Working with the client on the QRadar SIEM deployment, the IBM Technical
Correct Professional must address multitenancy. What skills Technical Professionals must
demonstrate?
Points out of
Back Next
1.00 
Configuring domains and tenants
Configuring ALQ searches and dashboards per tenant
Isolating log sources and reports
Configuring logs, assets and tenants

Question 9 In QRadar SIEM architecture, what component creates and stores the offense?
Incorrect
Event processor 
Points out of
Ariel
1.00
Magistrate
console

Question 10 You are deploying QRadar SIEM on-premises. What options must you know to design
Correct and install solutions properly?

Points out of
Number of Flow Processors and Disconnected Log Collectors
1.00
Number of Event Processors and Event Collectors 

Number of Data Gateways and Disconnected Log Collectors

Number of Event processors and data gateways

Question 11 Working with the client on the QRadar SIEM deployment, the IBM Technical
Correct Professional discussed the number of hardware appliances needed for the solutions
and the regions they would install. What document should capture the final
Points out of
configuration decisions?
1.00

Solution Architecture 

Install and configure

Architecture decisions
Statement of Work
Question 12 When creating the solution architecture document what helps you do defend why
Correct technical solution is designed in certain way.

Points out of
IBM Product features advantages and limitations Back Next
1.00
Business stakeholders’ requests
Architectural decisions 

Budget and resources limitations

Question 13 When creating the solution architecture document what helps you do defend why
Correct technical solution is designed in certain way.

Points out of 
Architectural decisions
1.00
Business stakeholders’ requests
IBM Product features advantages and limitations
Budget and resources limitations

Question 14 You are drafting the SOW for a product deployment. What are some of the client
Correct responsibilities that should be outlined in the SOW?

Points out of
The client does not have responsibilities. IBM provides the work and guaranties for
1.00
the production system.
The client will need to provide their requirements in an easy-to-understand 

way, they should provide feedback throughout the project, and evaluate the
results of the project.
Client must drive the project plan and reporting.
The client must drive the architecture with the help of IBM.
Question 15 As a part of the deployment project, the client asked to integrate a firewall system,
Correct which is not on our default log sources (DSM) list of QRadar SIEM. What skills must IBM
have on the team to develop this custom log source?
Points out of
Back Next
1.00 
Knowledge of DMS editor and regex
Knowledge of Python and regex
Knowledge of Python and JSON
Knowledge of DMS editor and Python

Question 16 What is the name of QRadar component which enforces licenses limit on the QRadar
Correct Event processor.

Points out of
ariel
1.00
event storage filter
aggregator
overflow filter 

Question 17 The burst handling method provides an overflow buffer to temporarily store events and
Correct flows that exceed the license limit. What is the size of the temporary burst handling
queue for events and flows on the QRadar SIEM appliance?
Points out of
1.00
20 GB
5 GB 

1 GB
10 GB

Question 18 In QRadar SIEM on-premises architecture, what database is used to store offenses?
Correct
Data Node
Points out of
Ariel
1.00
DB2
PostgreSQL 
Question 19 During the architecture design phase. You have discovered necessary integration with
Correct customer HR database. The integration was not part of initial scope of work. What
process you have to initiate to properly address customer need.
Points out of
Back Next
1.00
Request a new contract
Assign additional resource to the project
Work with the project management team to incorporate out of scope solution into
the project plan
Generate PCR 

Question 20 How does QRadar collect Laver 7 application data?

Correct
By using QFlow Collector appliances 
Points out of
By using an AOL search on the Network Activity tab
1.00
By using the CRE in the Magistrate on the Console
By using the CRE in Event Processor appliances