C2150-624 IBM Security QRadar SIEM V7.2.8 Fundamental Administration

Comments Off on C2150-624 IBM Security QRadar SIEM V7.2.8 Fundamental Administration

Test information:
Number of questions: 60
Time allowed in minutes: 90
Required passing score: 63%
Languages: English

Related certifications:
IBM Certified Associate Administrator – Security QRadar SIEM V7.2.8

The test consists of 6 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 – Architecture Components (8%)
Explain the QRadar components and terminology (QFlow, EPS, ECS, CRE, Console, Magistrate, etc.).
Interpret QRadar dashboards.

Section 2 – Planning and Installation (15%)
Describe QRadar models and performance levels (possible matching). (Determining environmental hardware requirements, storage requirements, storage retention, compliance).
Perform and apply planning procedures for installing and implementing Disaster recovery / HA DR.
Distinguish the log and flow sources.
Interpret license limitations and levels.
Apply configuration and data backups.

Section 3 – Administrative Tasks (33%)
Demonstrate how to attach new data sources (logs, flows, wincollect).
Explain administrative roles within QRadar.
Implement system licenses.
Implement user and role accounts.
Apply back-up and restore processes.
Administer Reference Sets.
Apply network hierarchy (managing IP addresses).
Using the asset database.
Execute and manage data retention.
Apply event and flow retention configuration.
Demonstrate basic Postgress SQL (PSQL) knowledge.
Demonstrate basic Ariel Query Language (AQL) knowledge.
Generate, modify and interpret reports using QRadar templates.

Section 4 – Migrating and Upgrading (11%)
Explain and perform the steps involved in migrating the console.
Distinguish the difference between hard and soft clean (Reset SIM).
Perform the basic commands required to run the console when upgrading.
Explain the basic steps within each upgrade type � automated vs manual / HA vs stand-alone deployment (process flow during upgrades, order of upgrade of components, etc.).
Explain the upgrade paths (from which versions).

Section 5 – Configuring, Monitoring and Tuning (of the implementation) (14%)
Describe different system monitoring dashboards .
Demonstrate basic knowledge of Rules Tuning (how to create, delete and modify).
Demonstrate QRadar architecture configurations.
Demonstrate the use of key commands to determine system status.

Section 6 – Troubleshooting (18%)
Interpret EPS, FPS and performance.
Explain basic disaster recovery procedures, HA DR.
Demonstrate rules and expressions in RegEx.
Describe where logs are located.
Interpret error messages on the dashboards.
Use the available services for troubleshooting (what to check and why).

IBM Certified Associate Administrator – Security QRadar SIEM V7.2.8

Job Role Description / Target Audience
This entry level certification is intended for administrators who can demonstrate basic support and technical knowledge of IBM Security QRadar SIEM V7.2.8, including implementation and management of an IBM Security QRadar SIEM V7.2.8 solution.

Overall, these administrators are familiar with product functionality and the security policies. They plan, install, configure, implement, deploy, migrate, upgrade, monitor, tune and troubleshoot the IBM Security QRadar SIEM V7.2.8 software.

To attain the IBM Certified Associate Administrator – Security QRadar SIEM V7.2.8 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the test preparation tab.

Basic knowledge of:
Basic Query Language
Regular Expressions
Linux commands and file management
Network Infrastructures and devices
System architecture design
Security technologies such as firewalls, encryption using keys, SSL, HTTPS, etc.

This certification requires 1 test(s).

Test C2150-624 – IBM Security QRadar SIEM V7.2.8 Fundamental Administration


Click here to view complete Q&A of C2150-624 exam
Certkingdom Review
, Certkingdom PDF Torrents

MCTS Training, MCITP Trainnig

Best IBM C2150-624 Certification, IBM C2150-624 Training at certkingdom.com