C1000-175: Foundations of IBM Security QRadar SIEM V7.5

Full Name: Foundations of IBM Security QRadar SIEM V7.5

Exam Code: C1000-175

Certification Overview


An IBM Certified Associate – Security QRadar SIEM V7.5 is an individual with entry-level knowledge of and experience with QRadar SIEM V7.5. This individual understands foundational concepts of QRadar SIEM V7.5 through hands-on experience and formal and informal education. The associate has knowledge of the basic to intermediate tasks required in day-to-day use of QRadar SIEM V7.5.


Note: The function of specific apps, apart from those bundled with the product, is out of scope, but the concept of extending capability by using apps is in scope. This exam does not include the SaaS offering QRadar on Cloud (QRoC).

IBM Foundations of Security QRadar SIEM Exam Summary:


Exam Name: IBM Certified Associate - Security QRadar SIEM V7.5
Exam Code: C1000-175
Exam Price: $200 (USD)
Duration: 90 mins
Number of Questions: 62
Passing Score: 66%

IBM C1000-175 Exam Syllabus Topics:


Topic / Details / Weights

SIEM Concepts

- Log Management
- Event Correlation and Analytics
- Incident Monitoring and Security Alerts
- Compliance Management and Reporting

10%
QRadar Architecture

- Understand the logical components of QRadar
- Understand QRadar appliances
- Understand how QRadar can be deployed in different environments

10%
User Interface

- Describe main portions of the QRadar SIEM GUI

05%
Extensions

- Illustrate the use of the IBM Security App Exchange
- Understand the QRadar Assistant App
- Describe the installed apps

05%
Flows

- Describe flows versus events
- Manage flow sources
- Explain the basic use case for QNI versus QIF
- Understand that there are three inspection levels in QNI

06%
Rules and Building Blocks

- Create and configure rules
- Understand the use of rule types
- Understand rules tests
- Understand rule responses
- Create and manage building blocks
- Describe Local versus Global correlation

10%
Working with Offenses

- Describe the basic offense lifecycle
- Manage offenses

08%
Search, Filtering, and AQL

- Utilize different search types
- Conduct search management
- Use Filters

08%
Assets

- Explain how the asset database gets populated
- Describe the value of the vulnerability information in the asset database
- Demonstrate use of the asset database

05%
Reporting and Dashboards

- Generate, modify and interpret reports using QRadar templates
- Interpret QRadar dashboards
- Manage reports
- Use the Report Wizard

06%
Events

- Describe the processes of data ingestion
- Log source management
- Event parsing
- Custom properties
- Describe the basic uses of the DSM editor

10%
Configuration and Tuning

- Understand network hierarchy
- Explain the licensing model

06%
QRadar System Errors

- Monitor QRadar Notifications and error messages
- Investigate common errors

06%
User and Role Management

- Understand user roles
- Understand user authentication and authorization
- Understand security profiles

05%
