Free IBM Security QRadar SIEM V7.3.2 Fundamental Administration C1000-026 Exam Practice Test

An administrator has to change the system hardware clock of the QRadar server. The administrator hasalready restarted the main services (hostservices, tomcat, hostcontext) and needs to synchronize the QRadarConsole time with the QRadar managed hosts.Which command can the administrator use to accomplish this?

• /opt/qradar/support/all_servers.sh systemctl restart systemd-timedated.service
  
• /opt/qradar/support/all_servers.sh /opt/qradar/bin/time_sync.sh
  
• /sbin/hwclock --systohc /opt/qradar/bin/time_sync.sh
  
• /opt/qradar/support/all_servers.sh service ntpd restart
  

An administrator needs to collect logs from the Command Line Interface (CLI).Which command should the administrator use?

• /opt/bin/qradar/support/get_logs.sh
  
• /opt/support/get_logs.sh
  
• /opt/support/qradar/get_logs.sh
  
• /opt/qradar/support/get_logs.sh
  

An administrator would like to categorize discovered assets by port definitions and add this information to aserver type building block for further use.Which QRadar Console functionality should the administrator use?

• Assets Tab -- Actions - Scan
  
• Assets Tab -- Server Discovery
  
• Admin Tab -- Auto Update
  
• Admin -- Scheduled Scans
  

A company has two different domains in their IBM QRadar system: Domain_A and Domain_B. Anadministrator has been tasked to create a rule to look only at events that are tagged with Domain_A andignore rules that are tagged with the other domains.What domain text should the administrator use to create this rule?

• is from domain: Domain_A
  
• from domain: Domain_A
  
• domain is: Domain_A
  
• domain is one of: Domain_A
  

An administrator needs to develop advanced filters to retrieve information from the QRadar System pertainingto the top abnormal events of the most bandwidth-intensive IP addresses.How can the administrator do this?

• Build an AQL query using the QRadar Scratchpad
  
• Combine GROUP BY and ORDER BY clauses in a single query
  
• Use the IBM DataStudio to create the query
  
• Build an AQL query using the QRadar GUI using Assets > Search Filter
  

An administrator needs to save the nightly QRadar backups on a network storage.The administrator has established the connection to the network storage.What should the administrator do next?

• Change the Backup Repository Path to the network storage location using the Backup Recovery
  Configuration window.
  
• Change the Backup Repository Path by adding a new Network Activity Rule.
  
• Change the Backup Repository Path to the network storage location using the System Settings window.
  
• Configure the new network storage using the Assets Manager
  

When an administrator attempts to edit a log source after upgrading QRadar, a Device Support Module(DSM), a protocol, or Vulnerability Information Services (VIS) components, the following error messageappears.An error has occurred. Refresh your browser (press F5) and attempt the action again. If the problempersists, please contact customer support for assistance.What action should the administrator take to troubleshoot this issue? (Choose two.)

• systemctl restart snmpd
  
• systemctl restart iptables
  
• systemctl restart ecs-ep
  
• systemctl start tomcat
  
• systemctl restart httpd
  
• Clear browser cache
  

A QRadar upgrade is planned and a maintenance window is scheduled. The administrator must stage theFIXPACK from IBM Fix Central.Which QRadar FIXPACK file type must the administrator download?

• RPM
  
• IMG
  
• SFS
  
• XFS
  

An administrator enters the QRadar web console into a web browser but does not get a response.Which process is responsible for the QRadar GUI?

• tomcat
  
• consoled
  
• magistrated
  
• guid
  

To comply with specific regulations, an administrator has been requested to increase asset retention to 365 days.In which QRadar section can the administrator find the asset retention settings?

• Admin Tab / Asset Retention
  
• Assets Tab / Retention settings
  
• Admin Tab / System settings
  
• Assets Tab / Asset Retention