Number of questions: 60
Number of questions to pass: 34
Time allowed: 120 mins

This exam consists of 4 sections described below.

Customer Requirements 20%
Identify customer business drivers and goals.
Identify customer technology requirements.
Identify constraints in the customer’s physical environment.

Pre-sales Technical Support 27%
Describe differences between IBM DS8000 and other IBM storage products.
Given a scenario, describe when to select IBM DS8000 as the preferred IBM storage product.
Describe technical capabilities of the IBM DS8000 system.
Compare IBM DS8000 advantages over competitor products.

Solution Architecture 33%
Given a scenario, configure a system to meet a customer requirements.
Given a scenario, ensure a solution is supported in a customer’s SAN and server infrastructure.
Determine the capacity required to support multiple platforms.
Given a scenario, design a solution to meet the desired performance of a storage subsystem.
Given a scenario, architect a solution that includes other advanced functions of the IBM DS8000.
Given a scenario, architect a replication solution in metro, global, three-site and four-site environments including sizing of connectivity requirements and copy services.
Given a scenario, determine required licenses.
Identify requirements and benefits of additional external software.
Given a scenario, conduct a TDA of an IBM DS8000.

Solution Design and Implementation 20%
Describe how to perform administrative tasks in the CLI and GUI in the IBM DS8000.
Describe license management in the IBM DS8000.
Given a scenario, design the logical configuration in the IBM DS8000.
Given a scenario, determine sizing requirements of a design.
Given a scenario, design host access in the IBM DS8000.
Given a scenario, design detailed point-in-time copy solution and remote copy services solution.
Describe remote support capabilities in the IBM DS8000.
Describe local alerting features and functions in the IBM DS8000.
Describe security features and functions in the IBM DS8000.
Given a scenario, describe processes, procedures, or resources to help resolve installation and implementation issues related to the IBM DS8000.
Describe additional IBM fee-based services and resources.

PartnerWorld Code: 23002405
Replaces PW Code: Not Applicable

Status: Live
This IBM System Storage DS8000 Technical Solutions specialist can work independently to provide pre-sales technical support, solution design, and implementation planning for the IBM System Storage DS8000 in an open systems and/or IBM z Systems mainframe environment to meet customer requirements. This specialist can also identify customer requirements and architect and design appropriate solutions to meet the requirements.

IBM products included on this certification exam include IBM DS8000, IBM DS8884, IBM DS8886, IBM DS8888, IBM SAN, IBM Spectrum Control, IBM Spectrum Protect and IBM SAN Volume Controller with IBM Spectrum Virtualize software.
This specialist can perform the following tasks without assistance: articulate the differences (from other IBM storage) and/or competitive advantages of currently marketed IBM System Storage DS8000 solutions in an IBM z Systems or open systems environment; correctly position the IBM DS8000 in the IBM storage solutions portfolio; be familiar with general features of current and previous IBM DS8000 systems for purposes of upgrades and compatibility; use IBM tools to size and design a configuration to meet requirements (Disk Magic, Capacity Magic, eConfig); take technical responsibility for the pre-sales and pre-installation Technical Delivery and Assurance (TDA) process; recommend options for advanced functions appropriate to the OS environment, e.g., Global Copy, FlashCopy, Metro Mirror, Global Mirror, Metro/Global Mirror, QoS, thin provisioning, z/OS Global Mirror, HyperSwap, dataset FlashCopy, PAV, zHPF, and distributed data backup; understand the architectural features, e.g., encryption, tiering, RAS, and VMware integration; verify the interoperability of the solution via SSIC in the customer environment; understand and position the integration with PowerHA, IBM Spectrum Storage family, GDPS, and other IBM products; possess knowledge of the IBM support organization and resources where to find assistance when needed; understand options available for migration and environments where they are applicable; have a basic understanding of LSS and how it relates to copy services.
This specialist can perform the following tasks with assistance: provide post-sales support of the solution; develop a migration strategy; work in heterogeneous operating system environments, e.g., mainframe and open systems; and design business continuity solutions.
This specialist can use the following tools and resources: Knowledge Center; Disk Magic; Capacity Magic; STAT; eConfig; TDAs; DS8000 GUI and DS8000 CLI; IBM Sales Manual; IBM Spectrum Control, Copy Services Manager, IBM Spectrum Protect Snapshot, and SKLM; System Storage Interoperation Center (SSIC); and Redbooks.

Recommended Prerequisite Skills
6 months experience in a DS8000 pre-sales technical support role
24 months or more general storage experience and enterprise class storage experience
Implement an IBM DS8000 system in an open systems or mainframe environment
Capability to work independently and effectively in complex environments

Requirements
This certification requires 1 exam

Exam Required:
Click on the link below to see exam details, exam objectives, suggested training and sample tests.
C9020-563 – IBM System Storage DS8000 Technical Solutions V5

---

QUESTION 1
A customer has two data centers and wants to plan for synchronous replication. Its telecommunications vendor has proposed different replication link bandwidths to choose from.
What must be considered when sizing the replication link?

A. Read I/Os per second on the primary system
B. Write MB/s on the primary system
C. The number of HBAs installed on the primary system
D. Capacity installed on the secondary system

Answer: A

Explanation:
References:
https://www.ibm.com/developerworks/community/blogs/storwizecopyservices/entry/sizingreplication?lang=en

---

QUESTION 2
A customer wants to use Global Mirror to replicate at 1000 kilometers but is concerned about the capacity at the remote site.
What is the minimum number of total copies of the data that must exist at the local and remote sites to support Global Mirror?

A. 4
B. 6
C. 2
D. 3

Answer: C

Explanation:
Global Mirror is a method of asynchronous, remote data replication between two sites that are over 300 kilometers (km) apart. It maintains identical data in both the source and target, where the source is located in one storage system and the target is located in another storage system. Using Global Mirror, your data exists on the second site that is more than 300 KM away, and can be restored to the first site.
References: https://www.ibm.com/support/knowledgecenter/en/SSSKXG_1.5.0/com.ibm.sspc_v15.doc/f rg_c_sspc_ct.html

---

QUESTION 3
What is a competitive advantage of IBM DS8880 Global Mirror versus EMC asynchronous remote replication?

A. No requirement for additional cache
B. No requirement for host software to manage consistency groups
C. No need for additional software to mix mainframe and open volumes in a single consistency group
D. No need to implement external time source

Answer: C

---

QUESTION 4
Which amperage option is available for the IBM DS8884 power cord?

A. 110 amp
B. 90 amp
C. 30 amp
D. 15 amp

Answer: C

Explanation:
The DS8884 configurations do not use more than 30 amps.
References: https:://www-01.ibm.com/common/ssi/ShowDoc.wss?docURL=/common/ssi/rep_rp/1/ENUS8S1571/inde x.html&lang=en&request_locale=en

Click here to view complete Q&A of C9020-563 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C9020-563 Certification, IBM C9020-563 Training at certkingdom.com

Number of questions: 50
Number of questions to pass: 35
Time allowed: 75 mins

The contents of this exam is applicable for IBM Cúram V6.0.4 and later V6 versions.
This multiple-choice test contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer.
This test is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.

The test contains five sections totalling 50 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections. The contents of this exam is applicable to IBM Cúram V6.0.4 and later V6 versions.

Section 1 – IBM Cúram Infrastructure 10%
Identify the components of IBM Cúram Social Program Management
Outline the runtime architecture used in IBM Cúram for the client and server applications
Access product documentation that is provided with the IBM Cúram application
Select the appropriate build target for a particular task
Other – file types

Section 2 – Server Development 30%
Use RSA fragments, RSA packages, and the CODE_PACKAGE option
Model the following classes: Domain Definition, Entity, Struct, Process, and Facade
Interpret the class hierarchy that is generated from modeled classes
Model the following relationships: Index, Foreign Key, Assignable, Aggregation
Define appropriate stereotype operations for entity, process and facade classes
Specify options for exit points, auditing and optimistic locking
Define code tables, data manager files, and message files
Implement exception handling
Specify modeled and mandatory field validations
Implement server validation and post-processing messages using the Informational Manager
Perform server-side testing and tracing
Generate unique IDs

Section 3 – Client Development 20%
Identify features for localization and externalizing strings
Select the necessary build targets for client development
Employ common UIM elements: PAGE, CLUSTER, FIELD, CONNECT, LINK, PAGE_PARAMETER, SOURCE, TARGET, SERVER_INTERFACE, ACTION_SET, ACTION_CONTROL
Implement a simple search feature
Implement a modify feature
Identify the parts of the IBM Cúram user interface
Configure application navigation features
Implement the following client features: multiple submit, select lists, display images, views, wizards and in-page navigation, and expandable lists
Invoke the UIM Generator to create pages
Add logic to your UIM pages using JSP scriptlets and JavaScript
Use features to perform client-side validation
Identify out-of-the-box domain specific controls or widgets and the use of the Custom Widget Development Framework (CWDF)
Perform client tracing

Section 4 – Server Customization 30%
Identify the features for deprecation reporting
Access and interpret documentation to determine the compliant customization approach
Specify the build precedence using the component order variables
Customize non-source code artifacts compliantly: message files, code tables, data manager files, server configuration files
Configure validations using the Administration Suite
Customize source code artifacts compliantly: Structs, Façade and Process classes, Entity classes, Domain Definitions
Distinguish between service layer classes developed using the persistence infrastructure and those developed using the classic development approach
Customize service layer implementations using the Event/Listener pattern, Strategy pattern, and references to services layer classes

Section 5 – Client Customization 10%
Customize client artifacts compliantly, including UIM pages, property files, application navigation, images, and style sheets
Determine the purpose of the key client configuration files and how they can customized
Implement a plug-in for custom data conversion and sorting
Identify the options for customizing widgets

Overview
PartnerWorld Code: 58000501
Replaces PW Code: 58000501

Status: Live
This intermediate level certification is intended for Java developers who will work as Cúram developers for V6.0.4 and V6.0.5.
Recommended Prerequisite Skills

Before preparing for this certification, working knowledge of the following is recommended and assumed:
object-oriented concepts
Java
XML
SQL
n-tier enterprise applications

In preparing for this certification, the following IBM courses are highly recommended:

9D32G (or 9D44G): Fundamentals of the IBM Cúram SPM Platform for Developers V6.0.4 (or V6.0.5)

OR

9D40G (or 9D49G): Fundamentals of the IBM Cúram SPM Platform for Developers (ADE) V6.0.4 (SPVC) (or V6.0.5)
AND
9D41G (or 9D50G): Fundamentals of the IBM Cúram SPM Platform for Developers (Customization) V6.0.4 (SPVC) (or V6.0.5)

You may also consider taking one of the following courses to practice using IBM Cúram features:

9D46G (or 9D53G): IBM Cúram SPM Platform Development Environment 6.0.4 – Expert Arena (SPVC) (6.0.5)

---

QUESTION 1
Which of the following entity method stereotypes require SQL to be provided?

A. nsread
B. ns
C. nsmulti
D. batch
E. nsmodify

Answer: B,C

---

QUESTION 2
The default control for CODETABLE values in a Cúram page is a drop-down menu. The default control for CODETABLE values in a Cúram page is a drop-down menu. How can this be replaced with a set of radio buttons?

A. Ensure that the underlying Domain Definition on the model resolves to SHORT_CODETABLE_CODE.
B. Set the SHORT attribute on the FIELD to true.
C. Set the Radio Button option on the Domain Definition to true.
D. Set the Radio Button option on the corresponding struct to true.

Answer: A

---

QUESTION 3
Which of the following are valid subdirectories of a server component directory?

A. model
B. codetable
C. database
D. EJBserver
E. message

Answer: A,B,E

---

QUESTION 4
Which of the following are stored in the datamanager_config.xml file?

A. Database table names used by the application
B. Database type and port numbers
C. References to DMX files containing data to be inserted on a build
D. References to SQL scripts to be run on a build
E. References to CTX files containing code tables to be inserted on a build

Answer: C,D

---

QUESTION 5
An application’s Server Components folder contains the following components: Appeals, core, custom, ISScreening, and ServicePlanning. The SERVER_COMPONENT_ORDER variable is set as follows: SERVER_COMPONENT_ORDER=custom, ServicePlanning.
Which of the following statements BEST reflects the order of priority (decreasing priority left to right) in which the generators will process the components?

A. custom, ServicePlanning, core
B. custom, ServicePlanning
C. custom, ServicePlanning, Appeals, core, ISScreening
D. custom, ServicePlanning, Appeals, ISScreening, core
E. Appeals, custom, ISScreening, ServicePlanning, core

Answer: D

Click here to view complete Q&A of C7010-010 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C7010-010 Certification, IBM C7010-010 Training at certkingdom.com

Number of questions: 50
Number of questions to pass: 31
Time allowed: 90 mins

The test consists of seven sections containing a total of approximately 50 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 – Architecture 6%
Explain Worklight component architecture.
Describe the capabilities of the Worklight Server.
Describe the components of the Worklight Analytics server and how they fit into the overall Worklight architecture.

Section 2 – Installation and Configuration 26%
Plan and design the implementation of Worklight Server and its prerequisite components.
Install the Worklight Server.
Install the Application Center.
Install the Operational Analytics Platform server, and integrate it with the Worklight Server.
Configure the application server environment for Worklight Server using Ant tasks.
Configure the application server environment for Worklight Server using the Server Configuration Tool.
Perform post-installation and configuration tasks such as installation verification, establishing database connectivity, and certificate management.
Configure and manage the SMS Gateway.
Implement Worklight Server configurations for high availability.
Apply maintenance updates, such as upgrading the Worklight Server to a newer version.
Set up a cluster for Operational Analytics.
Perform backup and recovery of the Worklight Server environment.

Section 3 – Application and Adapter Deployment 14%
Deploy Worklight applications and adapters by using the Worklight console.
Deploy Worklight applications and adapters by using Ant tasks.
Deploy Worklight applications by using the command line interface (CLI).
Move Worklight applications from development to test or production environments.

Section 4 – Securing the Environment 14%
Compare the web, mobile, and custom security tests.
Explain the configuration of realms and login modules.
Configure device Single Sign-On (SSO) for Worklight applications.
Configure Worklight to use LDAP.
Configure Worklight to use LTPA.
Ensure secure communication between Worklight components.
Manage Worklight Console users, groups and roles.

Section 5 – Managing Mobile Application Distribution, Availability and Updates 14%
Notify users about Worklight application updates.
Manage multiple versions of Worklight applications.
Manage Worklight applications using the command line interface (CLI).
Manage Worklight applications using Ant.
Manage Worklight applications using the Worklight Console.
Use the Application Center to publish Worklight applications within an organization.
Use the Application Center to manage access controls to Worklight applications that are published within an organization.

Section 6 – Monitoring Mobile Applications and Performance Tuning 8%
Monitor push notifications.
Track devices that access the Worklight Server (user to device mapping).
Manage device access rights to the Worklight Server.
Tune the Worklight Server environment.

Section 7 – Problem Determination 18%
Diagnose connectivity issues between devices, Worklight Server and enterprise systems.
Troubleshoot installation problems.
Troubleshoot issues of migration from earlier versions of Worklight.
Troubleshoot issues that may arise when moving Worklight applications between environments.
Troubleshoot analytics configurations.
Troubleshoot authentication.
Use system log files to diagnose problems.
Use the Command Line Interface (CLI) tools to retrieve server and application information.
Diagnose build and deployment issues.

PartnerWorld Code: 15011002
Replaces PW Code: 15011001

Status: Live
This intermediate level certification is intended for system administrators who need to install, configure, manage, monitor, troubleshoot and maintain secure mobile application infrastructure.

These mobile system administrators are generally self-sufficient and able to perform most of the tasks involved in the role with limited assistance from peers and vendor support services. These mobile system administrators use the product documentation effectively and efficiently.

To attain the IBM Certified Mobile System Administrator – Worklight Foundation V6.2 certification, candidates must pass 1 test. To prepare for the test, refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives (skills measured on the test) and the Test preparation tab.
Recommended Prerequisite Skills

Knowledge and foundational skills one needs to possess before acquiring skills measured on the certification test. These foundational skills are NOT measured on the test. For skills measured on the test, see Test Objectives.)

Experience with application server administration.
Experience using Apache Ant.
Good understanding of LDAP.
Familiarity with Worklight Studio.
Familiarity with web application development and deployment.

Requirements
This certification requires 1 exam

Exam Required:
Click on the link below to see exam details, exam objectives, suggested training and sample tests.

C5050-409 – IBM Worklight Foundation V6.2 Mobile System Administration

Each test:
contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer.

is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.

Click here to view complete Q&A of C5050-409 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C5050-409 Certification, IBM C5050-409 Training at certkingdom.com

Number of questions: 50
Number of questions to pass: 32

Time allowed: 90 mins
This exam consists of 3 sections described below.

Section 1 – General 34%
Identify Solution Design Priciples and Best Practices
Knowledge of Private Cloud – VMWare and HyperVisor
Explain how to build and deploy new servers using Image Templates
Given a scenario, determine when to use specific APIs
Identify the tools for Configuration Management
Explain how, when and where to use Auto-Scaling

Section 2 – Network 44%
Given a scenario, determine how Vyatta fits into the SoftLayer Solution
Given a scenario, determine how Netscaler fits into the SoftLayer Solution
Given a scenario, determine how Fortigate fits into the SoftLayer Solution
Explain how to utilize Advanced Networking topics to enhance the SoftLayer Solution
Explain how and when to use Direct Link

Section 3 – Storage 22%
Given a scenario, determine how Quantastor fits into the SoftLayer Solution
Given a scenario, explain the usage of Object Storage / CDN /CleverSafe
Explain how and when to use Endurance Storage Solution Guidance

PartnerWorld Code: 50002001
Replaces PW Code: Not Applicable
Status: Live

An IBM Certified Solution Architect – SoftLayer V1 is a person who can analyze, design, architect and demonstrate IBM SoftLayer infrastructure based upon the workload requirements from a client.

They can do this with limited assistance from support, documentation or relevant subject matter experts and know how to contact SoftLayer to get assistance.

Key areas of competency include:

Demonstrate the ability to provide a customer with a logical diagram foundation to meet their requirements and a roadmap to get there.
Architect a comprehensive solution that utilizes the IBM offerings and skills required.

The following qualifications are requirements for success:
Basic knowledge of industry cloud computing principles
Working knowledge of IBM SoftLayer
Working knowledge of designing a comprehensive solution based on logical diagrams
Working knowledge of how to implement and customize the solution
Working knowledge of the various types of clouds and -as a service- offerings

Recommended Prerequisite Skills
Basic knowledge of IBM consulting principles
Working knowledge of the concepts covered in the IBM Solution Advisor -SoftLayer V1 exam

Requirements
This certification requires 1 exam

Click here to view complete Q&A of C5050-101 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C5050-101 Certification, IBM C5050-101 Training at certkingdom.com

Test information:
Number of questions: 50
Time allowed in minutes: 75
Required passing score: 70%
Languages: English, Japanese

Related certifications:
IBM Certified Deployment Professional – Rational UrbanCode Release

The test consists of 5 sections containing a total of approximately 55 multiple-choice questions. The percentages after each section reflect the approximate distribution of the total question set across the sections.

Section 1: Elements of a Release (30%)
Identify Teams, Lifecycles and phases and how they relate to releases
Identify Initiatives, projects and epics in UC Release
Identify Release Environments and how they are associated to applications and phases
Recognize changes and how they are tracked by UC Release
Identify Release Versions and their components and properties

Section 2: Release Planning and Execution Concepts (13%)
Use Deployment Plans in UC Release
Use Lifecycles and Phases in UC Release

Section 3: UrbanCode Release Overview (17%)
Describe the tasks necessary to implement a release coordination solution
Identify the capabilities of UrbanCode Release that address the challenges that customers deal with in software development
Describe the challenges encountered when planning and executing a major software release and how UrbanCode Release addresses them

Section 4: UrbanCode Release Pipeline (25%)
Use the UrbanCode Release UI to add a Version to an Application and show details with the Version dialog
Schedule and execute a deployment with UC Release
Identify the purpose of the UC Release pipeline and integration with UC Deploy
Revert an environment to a previous state
Apply and understand Version color coding in the UrbanCode Release pipeline

Section 5: UrbanCode Release and Deploy Integration (15%)
Configure an integration provider in UC Release
Identify the association of Release Environment in UC Release with Application Environments in UC Deploy
Recognize concepts shared between UC Deploy and UC Release

Application Environment

Job Role Description / Target Audience
This certification targets intermediate level Deployment Professionals who manage the release of complex interdependent applications, infrastructure changes, and simultaneous deployments of multiple applications. This Deployment Professional can plan, execute, and track a release through every stage of the lifecycle model.

The Deployment Professional should have an intermediate level of knowledge of UrbanCode Release and a firm understanding of how UrbanCode Release can be implemented in a small and simple environment as well as a large and complex environment. The Deployment Professional can train, tutor and mentor IBM customers in the installation, configuration and ongoing use of UrbanCode Release. The Deployment Professional can perform most of these tasks independently and may require some assistance from peers and vendor support services.

Click here to view complete Q&A of C5050-063 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C5050-063 Certification, IBM C5050-063 Training at certkingdom.com

Test information:
Number of questions: 53
Time allowed in minutes: 105
Required passing score: 62%
Languages: English

Related certifications:
IBM Certified Analyst – i2 Analyst’s Notebook V8.9

This multiple-choice test contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer.
This test is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.

The test contains five sections totalling 53 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 – General IBM i2 Analyst’s Notebook Application Knowledge (17%)
Understand the key elements of entities and connections
Understand and describe the purpose of an identity
Distinguish the differences between data locations such as date and time, and cards
Understand standard attributes

Section 2 – Manual Chart Creation (17%)
Implement methodologies on creating charts from unstructured data
Add and change entity representations and types
Add links and change link properties
Differentiate between the structure of association and timeline charts
Add standard attributes and create custom attributes

Section 3 – Import Data to Create a Chart (21%)
Analyze how to structure the source data for import
List some of the different file formats that may be imported into IBM i2 Analyst’s Notebook
Demonstrate ability to standardize data using Column Actions
Select appropriate import designs
Use Assign Columns to specify how to create a chart
Format date and time within an Import Specification
Identify how to resolve warnings and errors when running an Import Specification

Section 4 – Basic Principles and Analysis Tools (34%)
Differentiate between analysis functions
Construct a question and select key data using Visual Search
Demonstrate comprehension of the features in List Items
Construct a search using wildcards and regular expressions
Identify potential duplicate entities and merge them
Identify trends in data by using Filters, Histograms and the HeatMatrix
Analyze the role of semantic types in IBM i2 Analyst’s Notebook
Know the differences between the centrality measures in Social Network Analysis
Demonstrate how to run a Conditional Formatting Specification and create custom Conditional Formatting Specifications
Select an appropriate chart layout for a specific task

Section 5 – Analysis to Presentation Charts (11%)
Create a presentation chart from an analytical chart
Manipulate association and timeline charts for presentation
Create and implement the different functionalities of a Legend
Understand different dissemination tools in IBM i2 Analyst’s Notebook

IBM Certified Analyst – i2 Analyst’s Notebook V8.9

Job Role Description / Target Audience
This intermediate level certification is intended for professionals who are regular users of IBM i2 Analyst’s Notebook V8.9. A minimum of six (6) months of experience in the product is recommended before attempting this certification.

This certification is relevant to national security law enforcement and commercial intelligence/fraud/information analysts, supervisors and managers who actively use the product, as well as researchers.

These professionals typically perform some or all of the following:
create intelligence analysis products
create associations and timeline charts; develop pattern of life
analyze financial and communication data
analyze networks and nodes
deconstruct organized crime groups
apply analytic trade craft
import structured data
assess and communicate analytical data through presentation charts

Recommended Prerequisite Skills
Before preparing for this certification, basic understanding of the following is recommended and assumed:

knowledge of Windows and Microsoft Office Suite

In preparing for this certification, the following IBM courses are recommended to further improve your skills:
9I02G: IBM i2 Analyst’s Notebook Essentials

QUESTION 1
The investigator wants to perform a search for “FARADAY” in Analyst’s Notebook. Which wildcard
search will return the desired results?

A. F?Y
B. F*AY
C. F*day
D. FA???

Answer: B

Explanation:

---

QUESTION 2
Which of the following will find all entities within two links of separation in a specific direction, and
in chronological order of a targeted entity?

A. Find Path
B. Find Linked
C. Visual Search
D. Find Matching Entities

Answer: B

Explanation:

---

QUESTION 3
Which of the following is a semantic type that can be assigned to the chart items from the
Semantic Type Library?

A. Chart semantic types
B. Entity semantic types
C. Palette semantic types
D. Identity semantic types

Answer: B

Explanation:

QUESTION 4
An analyst is creating an Import Specification. During the Assign Columns step, which task MUST
be performed?

A. Assign all the identities.
B. Create more than one entity.
C. Add additional entities and links.
D. Assign all of the columns in the spreadsheet.

Answer: A

Explanation:

---

QUESTION 5
The Filters and Histograms feature in Analyst’s Notebook allows the user to do all of the following
EXCEPT for the ability to:

A. use analysis attributes for analyzing data.
B. isolate data based on filters or histograms selected.
C. drill-down into the data to do more in depth analysis.
D. view the data in different ways while at the same time changing the underlying data.

Answer: D

Explanation:

Click here to view complete Q&A of C2170-051 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C2170-051 Certification, IBM C2170-051 Training at certkingdom.com

Test information:
Number of questions: 60
Time allowed in minutes: 90
Required passing score: 63%
Languages: English

Related certifications:
IBM Certified System Administrator – Security Network Protection (XGS) V5.3.2

The test consists of 5 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections

Section 1 – Features and capabilities (13%)
Compute the available number of protected segments based on the model type, NIMs, and media types (fibre, copper, etc).
Demonstrate a deep knowledge of protection interface inspection modes and settings.
Given a scenario using a specific license type, demonstrate an understanding of what capabilities, settings, and objects are affected by the license.
Demonstrate an understanding of inspection, response capabilities, and deployment considerations.
Demonstrate how to obtain and apply X-Force Exchange-supplied OpenSignatures.
Demonstrate an understanding of User Authentication deployment considerations.

Section 2 – Plan and install (25%)
Given a requirement for network throughput, HA, SSL, bypass requirements and number of inspected segments, infer XGS sizing, network interface module required and licensing.
Demonstrate the use of the serial console and situations where it may be required (proper cabling of the appliance to achieve console access).
Examine the differences between the physical and virtual appliances, the scenarios where they can be used, and how they are deployed within their specific environments (e.g., distributed virtual switches).
Examine network topology to understand where to locate the XGS to achieve the required inspection and circumvent Inbound SSL Traffic Limitations.
Demonstrate an understanding of FIPS mode and how to configure it.
Construct an SSL Inspection implementation plan for both inbound and outbound traffic.
Produce a high availability architecture diagram demonstrating both an Active-Passive and an Active-Active deployment.
Perform first-time setup using Serial Console, CLI, & LMI.
Use the different methods for configuring the XGS, including the CLI, LMI, SiteProtector and know the compatible modes (strict vs. compatible mode).

Section 3 – Configure (28%)
Infer the proper setting to configure in-built hardware bypass, inspection mode, TCP reset, etc. on a protection interface.
Complete XGS registration in SiteProtector and verify all policies have been imported.
Modify Network Access Policy to demonstrate a knowledge of the different ways to inspect different traffic types and generate security events.
Manipulate policies to integrate with 3rd party products, (e.g., syslog, QRadar, SNMP, flow data).
Construct and manipulate IPS objects including changes to X-Force protection level and blocking.
Modify SSL Inspection Policy to inspect specific traffic, including outbound and inbound traffic.
Manipulate SSL encryption keys and certificates to enable inbound and outbound SSL inspection.
Use the PAM documentation to adjust signature rules behavior using advanced tuning parameters.
Modify the management access policy to restrict access to management interface.

Section 4 – Maintain (23%)
Modify Intrusion Prevention Policy to change default threat level and protection settings of signatures.
Modify system alerting policy to propagate certain types of logging events to local and remote logging mechanisms (remote syslog object vs local) and (management access policy).
Perform a snapshot and demonstrate an understanding of limitations when applying snapshots.
Infer appliance status via Log events, System Graphs, and Network Graphs.
Produce a backup of the system to the alternate partition and fail back.
Construct and apply new objects within the network access policy (eg. Address, Application, Inspection, Identity, Response).
Use IPS event Filters to ignore traffic and create exceptions.
Change update-related policies and apply updates to firmware, security content and application databases.

Section 5 – Support (10%)
Use tools available in the CLI to troubleshoot problems.
Perform hardware diagnostics using built-in capability as well as stand-alone diagnostics tool and physical examination of hardware, LEDs, etc.
Demonstrate how to reimage an XGS appliance and restore settings.
Perform a fixpack installation and demonstrate an understanding of the impact of doing so.
Use Service and Support feature to automatically open service requests and send log files to support.

IBM Certified System Administrator – Security Network Protection (XGS) V5.3.2

Job Role Description / Target Audience
This intermediate level certification is intended for network system administrators and system engineers working with IBM Security Network Protection (XGS) V5.3.2.

These system administrators require extensive hands-on experience with the product, are familiar with its features and capabilities, and understand how to plan for and install the product, configure, maintain and support it.

It is expected that these system administrators are generally self-sufficient and are able to perform the tasks involved in the job role with limited assistance from peers, product documentation and vendor support services.

To attain the IBM Certified System Administrator – Security Network Protection (XGS) V5.3.2 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the test preparation tab.

Recommended Prerequisite Skills

Basic knowledge of:
Intrusion prevention systems technology
Standard network protocols and practices, including the OSI model, secure network transmissions
Network design and architecture, including high availability (HA)
Security technologies such as firewalls, encryption using keys and certificates, SSL, HTTPS, SSH, intrusion detection, VLAN, Span Ports, etc.
Security vulnerabilities, exploits, and attack techniques
Different network media types and connectivity considerations (copper, fibre, transceiver)
Directory-based authentication
SiteProtector agent authentication, policy management, event propagation
Installing firmware from USB
Packet analysis
VMware vSphere administration

Requirements
This certification requires 1 test(s).

Test(s) required:
Click on the link(s) below to see test details, test objectives, suggested training and sample tests.

Test C2150-620 – IBM Security Network Protection (XGS) V5.3.2 System Administration

The test:
contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer.
is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.

---

QUESTION 1
A System Administrator has been seeing a lot of SSLv2_Weak_Cipher attacks reported on the network and wants to Increase the severity of the events.
How can this be accomplished?

A. Modify the Threat Level of the signature
B. Create an Incident in SiteProtector for SSLv2_Weak_Cipher
C. Modify the Event Log response for the Intrusion Prevention Object
D. Increase the X-Force Protection Level for the Intrusion Prevention Object

Answer: D

---

QUESTION 2
A System Administrator has an XGS 4100 appliance that has a single 8-port RJ-45 copper Network Interface Module (NIM) installed.
What is the maximum number of in-line network segments, of any media type, that could be protected?

A. 2
B. 4
C. 6
D. 10

Answer: A

---

QUESTION 3
A System Administrator has a requirement to be able to pause and resume an XGS for VMware machine to allow the ESXi server to move the servers to another machine.
Which statements regarding VMware Tools functionality is relevant to this requirement?

A. VMware Tools can be used to suspend inspection on the XGS for VMware and traffic will be forced into an automatic bypass mode.
B. VMware Tools can be used to suspend inspection on the XGS for VMware and traffic will not be forced into an automatic bypass mode.
C. VMware Tools functionality can be added to the appliance to provide a more streamlined user experience when migrating to another ESXi host.
D. VMware Tools functionality is already included and will be used when called by the hypervisor to manage the XGS for VMware virtual machine.

Answer: C

---

QUESTION 4
The System Administrator of a banking organization has become aware of some malicious traffic to its IBM Security Network Protection (XGS) appliance. The logs show patterns of Denial of Service (DoS) attack and a lot of encrypted packets targeted to the M. 1 port of the XGS appliance coming from an internal laptop IP address.
What should the System Administrator do next?

A. Configure Management access policy to restrict access
B. Configure Inbound SSL policy to inspect and drop such traffic
C. Configure Management access policy to set the management port as TCP reset port
D. Configure Network access policy and Intrusion Prevention Policy to block DoS attacks

Answer: B

Click here to view complete Q&A of C2150-620 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C2150-620 Certification, IBM C2150-620 Training at certkingdom.com

Test information:
Number of questions: 60
Time allowed in minutes: 90
Required passing score: 61%
Languages: English

Related certifications:
IBM Certified Deployment Professional – Security Privileged Identity Manager V2.0.2

The test consists of 5 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 – Planning (20%)
Illustrate the key benefits of the privileged identity management.
Analyze the client and business requirements and translate into implementation goals (i.e. optional features, end resources, target system, adapters and access profile, ISPIM agent OS, ISPIM for Applications, auditing, reporting requirements, activity monitoring).
Produce an implementation plan (i.e. credential access methods, additional checkout assurance, reauthentication, etc.).
Determine goal customization (i.e. approval and lifecycle rules, identify shared access management, integration with existing processes, etc.).
Produce deployment topologies for business requirements (i.e. scale, size, availability, automation, redundancy, prerequisites, form factor, components, hardware and software, network architecture, upported platforms, etc.).

Section 2 – Installation and Configuration (18%)
Perform the database and directory installation and configuration (i.e. update fixpack, LDAP over SSL, etc.).
Complete the provisioning, installation and configuration of the ISPIM virtual appliance.
Perform guided and advanced configurations (i.e. cluster node setup, load balancer integration, configuration parameters, Application Identity management, secure communications, etc.).
Perform the installation and configuration of optional components (i.e. Cognos reporting server, external TDI servers, external AD registry, custom root certificate, SSL, etc.).
Perform the installation and configuration of AccessAgent on workstations, terminal server and Citrix server and desktops. (i.e. ISPIM Root CA certificate, Access Studio tool).

Section 3 – Administration (22%)
Describe how to create administrative domains, administrators, users, auditors, application managers.
Construct custom groups, views and processes (i.e. identity feeds, delegate administration, forms and workflow, etc.).
Demonstrate onboarding credentials (i.e. manual and bulk load, credential default settings, credential pools, applications, connected v/s unconnected credential, etc.).
Construct target systems connections and determine access (i.e. resources, roles and shared access policies, password policies, target endpoint, identity providers).
Construct an automated credential check-in/check-out, session recording, and access profiles.
Manipulate reports to deliver information based on customer requirements (i.e. Cognos reports, internal audit reports).

Section 4 – Maintenance (22%)
Construct and modify AccessProfiles with ISPIM support.
Perform registration, fingerprinting, recapturing, and administration of application instances and credentials.
Perform common maintenance tasks (i.e. appliance snapshots, data tier backup, firmware upgrade mechanisms, fixpack, archive and restore session recordings, Cipher Suites, certificate uploads , cluster synchronization etc.).
Perform auditing tasks and creating audit reports (i.e. ESSO audit logs and PIM request).
Perform monitoring using URLs, tools and logs.
Analyze and present maintenance plans to meet client needs (i.e. logs, reports, Cipher Suites, certificate uploads, cluster synchronization, data synchronization, etc.).

Section 5 – Troubleshooting and Tuning (18%)
Construct a support package (i.e. access, analyze, and configure component logs and traces, PMR process, etc.).
Solve connectivity issues (i.e. between appliance and data tier, client and appliance, cluster issues, reporting modules, cluster promotion, etc.).
Show data locations and manipulate usage of data to troubleshoot problems (i.e. configure new traces for the appliance).
Examine and solve user authentication and authorization issues.
Analyze performance and make tuning changes (i.e. LDAP, DB2 and appliance).

IBM Certified Deployment Professional – Security Privileged Identity Manager V2.0.2

Job Role Description / Target Audience
This intermediate level certification is intended for deployment professionals who work with IBM Security Privileged Identity Manager V2.0.2.

These deployment professionals have extensive product experience. They plan, install, configure, administer, maintain, tune and troubleshoot IBM Security Privileged Identity Manager V2.0.2 installations.

These deployment professionals are able to perform most of the tasks involved in the job role with limited assistance.

To attain the IBM Certified Deployment Professional – Security Privileged Identity Manager V2.0.2 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the test preparation tab.

Basic knowledge of:
operating systems and databases.
hardware or virtual machines.
networking and protocols.
auditing and compliance.
information security guidelines.

Requirements
This certification requires 1 test(s).

Click here to view complete Q&A of C2150-618 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C2150-618 Certification, IBM C2150-618 Training at certkingdom.com

Test information:
Number of questions: 60
Time allowed in minutes: 120
Required passing score: 61%
Languages: English

Related certifications:
IBM Certified Administrator – Security QRadar Risk Manager V7.2.6

The test consists of 6 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 – Device configuration investigation (22%)
Identify assets in the network (i.e. device discovery).
Apply credential sets to the discovered devices.
Obtain device configuration.
Examine the asset information.
Examine scanning results (i.e. port, application, patch, etc.).
Apply specific searches (i.e. device rules, risk, vulnerabilities, etc.).
Examine connections (i.e. use, search/view, and export).

Section 2 – Device source management (22%)
Demonstrate the importing and management of devices (i.e. view, add, edit, delete, log sources, etc.)
Illustrate protocol configuration.
Create discovery schedules.
Demonstrate configurations of scans (i.e. port/app, configure windows, schedule scans, configure Linux.
Perform backup jobs (i.e. manage, add, edit, rename, delete, etc.).
Examine connections (i.e. use, search/view, and export).

Section 3 – Policy monitor (18%)
Use QRM questions to monitor policies (i.e. view, asset, compliance, device/rules, group, evaluation/result, export/import, auditing).
Illustrate policy management (i.e. create, manage, review, compliance, false positives).
Infer the Importance factor.
Demonstrate how to view and export connections (i.e. log sources, scanners).
Apply QRM Use Cases to a given scenarios.

Section 4 – Topology (13%)
Examine Topology layout.
Illustrate the function of groups within Topology.
Perform searches within Topology view (none, host, network, path).
Translate NAT within Topology.
Apply Topology to an investigation.
Use Topology graphs to determine traffic routes through network.

Section 5 – Vulnerability classification (15%)
Identify false positives.
Use simulations (edit, copy, assign, delete, monitor).
Modify simulations (revoke, group).
Perform Connections Investigations.
Examine vulnerability data using QRM (risk, criteria, information, types, exceptions, severity, impact, rules).

Section 6 – Reporting/scheduling (10%)
Construct various report types (vulnerability, log, asset, user, questions).
Modify report scheduling (create, edit, duplicate, share).
Construct and modify charts.

IBM Certified Administrator – Security QRadar Risk Manager V7.2.6

Job Role Description / Target Audience
This intermediate level certification is intended for administrators who works with IBM Security QRadar Risk Manager V7.2.6.

These administrators focus on managing security risks within their network and how those vulnerabilities can be exploited (or blocked) as a result of the current state of network assets using skills from the following areas:
1. Device configuration investigation
2. Device source management
3. Policy monitor
4. Topology
5. Vulnerability classification
6. Reporting/scheduling

These users are generally self-sufficient and able to perform most of the tasks involved in the job role with limited assistance.

To attain the IBM Certified Administrator – Security QRadar Risk Manager V7.2.6 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the Test preparation tab.

Recommended Prerequisite Skills

Working knowledge of:
IBM Security QRadar SIEM Administration
IBM Security QRadar Risk Manager

General knowledge of:
Networking
Risk management
System Administration
Network Topology

Requirements
This certification requires 1 test(s).

Click here to view complete Q&A of C2150-616 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C2150-616 Certification, IBM C2150-616 Training at certkingdom.com

Test information:
Number of questions: 60
Time allowed in minutes: 115
Required passing score: 60%
Languages: English

Related certifications:
IBM Certified Deployment Professional – Security QRadar SIEM V7.2.7

The test consists of 6 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1 – Planning (25%)
Select the different Security QRadar SIEM components required to make up a suitable distributed deployment (e.g. Cloud, hardware or virtual machine; using QRadar Consoles, event and flow collectors, event and flow processors, and data nodes; considering logical networks, security constraints, and bandwidth; etc.).

Determine the required sizing, encompassing current usage and projected growth, of the overall installation (e.g. number of devices, handle the required how many events per second, how many flows per interval, how much storage is required for the solution, how to handle different geographical locations within the deployment, etc.).

Describe the purpose and limitations of the QRadar SIEM V7.2.7 high availability design (e.g. HA bandwidth, which hosts should be HA pairs, latency constraints, and network stability).

Determine how log source locations and information gathering mechanisms can affect QRadar component architecture (e.g. Windows Collection options).

Determine the method for receiving flows based on the architecture (e.g. regenerative taps, port mirrors/SPAN (Switched Port Analyzer) ports, NetFlow, etc.).

Outline common environmental data used and compare how they can be integrated (e.g. CMDB, User Information Sources, threat feeds, vulnerability scanners, REST-API, and ticketing systems).

Describe how the SIEM product interacts with other Security Intelligence QRADAR Modules (i.e. Risk Manager, Vulnerability Manager, and Incident Forensics).

Section 2 – Installation (13%)
Implement the appropriate software, Cloud or appliance installation and initial network configuration tasks for a given situation (e.g. ISO, DVD, USB, and recovering an appliance from a USB storage device; set up IP addresses, set up network aggregation links/NIC bonding (management interface), configuring QRadar to use external storage (SAN, iSCSI)).

Use deployment actions under system and license management to add additional managed hosts (e.g. set up encryption, configure off site source/target (non-storage), set up network aggregation links/NIC bonding (non-management interfaces), etc.).

Perform configuration of auto update (e.g. DSM, protocols; with or without internet Connection, etc.) (Level 3- Applying)Perform configuration of auto update (e.g. DSM, protocols; with or without internet Connection, etc.).

Determine which version of QRadar should be used when adding managed hosts into an environment (e.g. patch software, latest build of QRadar, original version of QRadar in place, how it affects managed host, HA, etc.).

Implement and optimize HA pairing (e.g. adding HA cluster to the host, demonstrating a high availability installation, determining which hosts to HA, order of installation, patching, etc.).

Summarize IMM configuration and firmware update mechanisms (e.g. changing passwords, obtaining SSL certificates, setting IP addresses, etc.).

Section 3 – Configuration (20%)
Differentiate which information will need to be put into a network hierarchy, how it relates to rule tests, and whether domains are required.

Determine the appropriate authentication and access control method(s) to use for a given environment (i.e. using the local repository, active directory, LDAP, radius, TACACS, domains and multi-tenancy, etc.) (Level 4- Analyzing)Determine the appropriate authentication and access control method(s) to use for a given environment (i.e. using the local repository, active directory, LDAP, radius, TACACS, domains and multi-tenancy, etc.).

Summarize common system settings which need to be set for each specific environment (e.g. initial system settings; administrative e-mail address, e-mail locale, and database settings, etc.).

Demonstrate configuring log sources (e.g. wincollect, syslog, log source extensions, custom QID entries, event mapping, log source groups, etc.).

Demonstrate configuring flow sources (e.g. different types of flow sources, Jflow, Sflow, netflow, PACKETEER, NAPATECH, etc.).

Demonstrate configuring scanners (e.g. configure different types of scanners and schedules, etc.).

Demonstrate configuring common administrative settings (e.g. configuration and data backups/restore, retention policies and buckets, routing rules, etc.).

Section 4 – General Operational Tasks (17%)
Demonstrate basic event and flow investigation to assist rule development and troubleshooting (i.e. searches, quick filters and simple AQL).

Demonstrate Rule and Building Block creation and optimization to deliver basic use case logic and rule evaluation troubleshooting (e.g. Rule Tests, Rule Actions and Responses, Building Blocks, Test ordering, the False Positive Rule, etc.).

Understand Custom Event and Flow properties, where they are used, how to create them and troubleshooting issues involving them (e.g. simple regex, ‘optimization for rules and searches’, scoping to logs sources/events to minimize evaluation frequency, etc.).

Choose between the four types of reference data and illustrate how the data within them can be manipulated (Aging out, CLI, REST-API and rule responses), what each type would be used for (e.g. transient data storage, rule tests, AQL enrichment, etc.) and how to investigate issues with them.

Understand where historical correlation can be used to review old data or data received in ‘batch mode’.

Discuss the performance, storage and network impact of Local vs Global rule evaluation in a distributed environment.

Section 5 – Performance Optimization and Tuning (15%)
Explain which configuration actions should be taken to make default rule sets useful (e.g. network hierarchy, server discovery and host definition building blocks, host identification, tuning building blocks, etc.).

Perform SIEM performance optimization (e.g. performance limitations, network bandwidth, Disk IO, number of concurrent searches, rules for optimizing EPS, event and flow custom properties, backend scripts, etc.) .

Infer when expensive rules and properties are automatically managed and investigated (i.e. automatic versus manual investigation, reference data, etc.).

Administer aggregated data management (e.g. determining issues with report data, disable any unnecessary views/reports, etc.).

Analyze index management requirements for an environment (e.g. determine which properties to index; understand when to index, etc.).

Section 6 – Administration and Troubleshooting (10%)
Demonstrate the investigation of offenses that are not standardized (e.g. navigate through offenses, related events and flows, analyze offenses, state the difference between an Offense and a Triggered Rule, etc.).

Demonstrate how to monitor and investigate network and log activity search issues (e.g. filtering, searching, grouping and sorting, saving searches and creating reports, creating dashboard widgets from searches, viewing audit logs, indexed fields and quick filter, etc.).

Diagnose asset management and server discovery problems (e.g. vulnerabilities, filtering, searching, grouping, sorting, saving searches on assets, importing, exporting, populating asset databases, etc.).

Diagnose system notifications regarding performance problems or system failures (e.g. dropping events, HA System Failed, I/O error, how to get logs for support tickets, license restrictions, etc.).

IBM Certified Deployment Professional – Security QRadar SIEM V7.2.7
Job Role Description / Target Audience

This intermediate level certification is intended for deployment professionals who are responsible for the planning, installation, configuration, performance optimization, tuning, troubleshooting, and administration of an IBM Security QRadar SIEM V7.2.7 deployment. These individuals are able to complete these tasks with little to no assistance from documentation, peers or support.

To attain the IBM Certified Deployment Professional – Security QRadar SIEM V7.2.7 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the test preparation tab.

Recommended Prerequisite Skills
Understanding of:
· basic system architecture design

· IBM Security QRadar SIEM V7.2.7 architecture and components
· vulnerability scanners

Working knowledge of:
· security technologies such as firewalls, encryption using keys, SSL, HTTPS,
· regular expressions
· building and managing IBM Security QRadar SIEM V7.2.7 rules and reports
· IBM Security QRadar SIEM V7.2.7 prerequisite software
· TCP/IP
· LINUX operating system such as vi, iptables, ssh, cat, tail, grep, etc.

---

QUESTION: No: 1
Which CLI command should be used to change the default password from PASSWORD to S3cure for the username USERID?

A. /opt/ibm/toolscenter/asu/asu set IMM. Password S3cure –ksu
B. /opt/ibm/toolscenter/asu/asu set IMM. Password.1 S3cure –ksu
C. /opt/ibm/toolscenter/asu/asu64 set IMM. Password S3cure — ksu
D. /opt/ibm/toolscenter/asu/asu64 set IMM.Password.1 S3cure — ksu

Answer: D

Explanation:
To reset the IMM password use the following command:
/opt/ibm/toolscenter/asu64 set |MM.Password.1 NewPassword –kcs
References: https:://wvvvv-01.ibm.com/support/docview.wss?uid=swg21964070

---

QUESTION: No: 2
A Deployment Professional is performing a new deployment, and the customer wants to monitor network
traffic by sending raw data packets from a network device to IBM Security QRadar SEAM V7.2.7.
Which method should be used?

A. AGP card
B. Napatech card
C. SFIow protocol
D. NetFIow protocol

Answer: B

Explanation:
You can monitor network traffic by sending raw data packets to a IBM QRadar QFIow Collector 1310
appliance. The QRadar QFIow Collector uses a dedicated Napatech monitoring card to copy incoming
packets from one port on the card to a second port that connects to a IBM Security QRadar Packet
Capture appliance.
References:
http://www.ibm.com/support/knowledgecenter/SSKIVIKU/com.ibm.qradar.doc/t_qf|ow_forvvard_pcap.html

---

QUESTION: No: 3
A Deployment Professional was asked to investigate the following error:
Custom Rule Engine has detected a total of 20487 dropped event(s).
20487 event(s) were dropped in the last 62 seconds. Queue is at 99 percent capacity
The Deployment Professional needs to run the command “/opt/qradar/bin/findExpensiveCustomRuIes.sh”
to gather the necessary troubleshooting logs.
When should this command be run?

A. Right after a reboot
B. Run “service hostcontext restart” first
C. While the system is dropping events
D. Restart ECS, then run command

Answer: C

Explanation:
The script “findExpensiveCustomRuIes.sh” script is designed to query the QRadar data pipeline and
report on the processing statistics from the Custom Rules Engine (CRE). The script monitors metrics and
collecting statistics on how many events hit each rule, how long it takes to process a rule, total execution
time and average execution time. When the script completes it turns off these performance metrics. The
findExpensiveCustomRuIes script is a useful tool for creating on demand reports for rule performance, it
is not a tool for tracking historical rule data in QRadar. The core functionality of this script is often run
when users begin to see drops in events or events routed to storage between components in QRadar.
References:
http://www-01.ibm.com/support/docview.wss?uid=swg219852528myns=swgother&mynp=OCSSBQAC&
mync=R&cm_sp=swgother-_-OCSSBQAC-_-R

---

QUESTION: No: 4
A current banking customer has just expanded by purchasing a small rural bank with a low bandwidth
WAN connection.
The customer wants to expand its current QRadar SIEIVI 3105 all-in-one deployment to capture log events
from the newly acquired branch and to forward them on a schedule, after hours during the trough of
activity to the main branch. There is plenty of room for this additional EPS growth.
Which device will meet the requirements?

A. 1202 QFIow Collector
B. 1400 Data Node
C. 1501 Event Collector
D. 1605 Event Processor

Answer: D

Explanation:
The IBM Security QRadar Event Processor 1605 (MTM 4380-Q1E) appliance is a dedicated event
processor that you can scale your QRadar deployment to manage higher EPS rates. The QRadar Event
Processor 1605 appliance includes an on-board event collector, event processor, and internal storage for
events.
With the Basic License the capacity is 2500 EPS, and with an upgrade license it is 20000 EPS.

 

Click here to view complete Q&A of C2150-614 exam
Certkingdom Review, Certkingdom PDF Torrents

Best IBM C2150-614 Certification, IBM C2150-614 Training at certkingdom.com