Full Name: IBM Security QRadar SIEM V7.4.3 Deployment
Exam Code: C1000-140
Certification Overview
This intermediate level certification is intended for deployment professionals who are responsible for the planning, installation, configuration, performance optimization, tuning, troubleshooting, and system administration of an IBM QRadar SIEM V7.3.2 deployment. These professionals can complete these tasks with little to no assistance from documentation, peers or support.
Recommended Skills
◉ TCP/IP networking
◉ Unix command line knowledge
◉ Basic security tecnologies
◉ Regex
◉ Enterprise logging
◉ Network monitoring using flows
◉ Understand the role and activities of an analyst and administrator for QRadar
IBM QRadar SIEM V7.4.3 Deployment Exam Summary:
Exam Name
|
IBM Certified Deployment Professional - Security QRadar SIEM V7.4.3
|
Exam Code
|
C1000-140
|
Exam Price
|
$200 (USD)
|
Duration
|
90 mins
|
Number of Questions
|
61
|
Passing Score
|
65%
|
Training
|
|
Sample Questions
|
|
Practice Exam
|
IBM C1000-140 Exam Syllabus Topics:
| Topic | Details | Weights |
| Deployment Objectives and Use Cases | - Review business needs - Determine QRadar apps and content value - Define QRadar value reporting |
5% |
| Architecture and Sizing | - Determine scope and size requirements for deployment - Plan for placement of appliances - Determine requirements for data retention - Determine QRadar deployment components - Identify the need for HA and DR - Determine licensing requirements - Windows collection architecture |
18% |
| Installation and Configuration | - Install QRadar SIEM - Apply and update licensing - Apply QRadar system Certificates - Backup, recovery, and data retention - Conduct initial configuration - Configure authentication and access control |
16% |
| Event and Flow Integration | - Define log sources - Define and configure flow sources - Define custom properties - Install content extensions based on requirements - Identify event parsing requirements |
12% |
| Environment and XFE Integration | - Configure Assistant App and use it to manage the apps - Establish X-Force intelligence data integration levels - Configure Use Case Manager - Populate and Use Asset database |
8% |
| System Performance and Troubleshooting | - Look for R2R events - Monitor system performance - Check SIM audit events and logs - Check and restart Apps as necessary - Identify event drops, events going to storage and unknown events |
13% |
| Initial Offense Tuning | - Tune noisy offenses and CRE events - Identify expensive rules and properties - Utilize Server Discovery - Update building blocks - Manage and use reference data |
8% |
| Migration and Upgrades | - Migrate Data - Upgrade prerequisites - Determine content migration strategy - Review App Framework considerations (UBI) - Restoring a backup - Performing system migration |
13% |
| Multi-Tenancy Considerations | - Define domains and tenants requirements - Configure items which involve Multi-tenancy |
7% |
Posts
0 comments:
Post a Comment