Tag Archives: IBM QRadar Exams

C1000-050 IBM Spectrum Storage Software Solution Advisor V6

Number of questions: 60
Number of questions to pass: 39
Time allowed: 75 mins
Status: Live

This exam consists of 4 sections described below.

Customer Requirements and Infrastructure

Determine the customer’s tactical and strategic business goals
Gather information regarding the existing storage environment.

IBM Spectrum Product Capabilities
Identify the strategic and tactical goals for key infrastructure technologies
Identify the key capabilities of IBM Spectrum Protect
Identify the key capabilities of IBM Spectrum Control
Identify the key capabilities of IBM Storage Insights
Identify the key capabilities of IBM Copy Services Manager
Identify key capabilities of IBM Spectrum Scale
Identify the key capabilities of IBM Spectrum Virtualize
Identify the key capabilities of IBM Spectrum Archive
Identify the key capabilities of IBM Spectrum Accelerate
Identify key capabilities of IBM Cloud Object Storage
Identify the key capabilities of IBM Copy Data Management
Identify key capabilities of IBM Spectrum Discover
Identify the key capabilities of IBM Spectrum Protect Plus

IBM Storage Software Defined Value Propositions
Explain the value proposition of IBM Software Defined Storage Infrastructure.
Describe the value of the IBM Spectrum family to a customer

Benefits and Use Cases for IBM Spectrum Storage Software
Explain the benefits and use cases for IBM Spectrum Protect
Describe the benefits and use cases for IBM Spectrum Control
Explain the benefits and use cases for IBM Storage Insights.
Explain the benefits and use cases for IBM Copy Services Manager
Explain the benefits and use cases for IBM Spectrum Scale
Explain the benefits and use cases for IBM Spectrum Virtualize
Explain the benefits and use cases for IBM Spectrum Archive
Explain the benefits and use cases for IBM Spectrum Accelerate
Explain the benefits and use cases for IBM Cloud Object Storage.
Explain the benefits and use cases for IBM Spectrum Copy Data Management
Explain the benefits and use cases for IBM Spectrum Discover
Explain the benefits and use cases for IBM Spectrum Protect Plus

Overview
PartnerWorld Code: C0003306
Replaces PW Code: 24012105

Status: Live
ROLE DESCRIPTION
An IBM Certified Solution Advisor – Spectrum Storage Software V6 is a person who identifies opportunities and influences direction for IBM Spectrum Storage Software solutions within the customer environment and is responsible for educating and influencing key decision makers. This person develops high-level architectural solutions that are integrated with existing systems and aligned with business critical needs within a customer environment and is responsible for performing storage solutions analysis and communicating high-level design scenarios to the customer.
Key Areas of Competency

Map customer business requirements to IBM Spectrum Storage Software solutions.
Apply storage concepts and standards to a customer’s IT infrastructure.
Assess IT process maturity regarding capacity management.
Assess the customer’s infrastructure for storage opportunities.
Align IBM, Spectrum, and partner products to storage opportunities.
Assess requirements and create a conceptual solution design.
Describe business and technical advantages of IBM Spectrum Storage Software solutions.
Recommend education opportunities to customer based on the IBM Spectrum Storage Software solution.
Understand the deployment models: Software, Integrated offering, Cloud
Knowledge of product licensing models.
Knowledge of competitive landscape.
Knowledge of IBM Design Thinking

Recommended Prerequisite Skills
Prerequisite Knowledge

Knowledge of big data file systems (HDFS, IBM Spectrum Scale).
Knowledge of block storage systems.
Knowledge of object storage (S3 and Swift).
Knowledge of storage data pipeline for AI.
Experience with IT organization structures.
Knowledge of IT storage standards (government and civil), regulations, and certifications (SNIA etc.).
Skills with the aspects of network, storage, SAN hardware, SAN fundamentals and cloud.
Knowledge of storage virtualization.
Ability to create a business case justification for an IT project.
Understanding of these key IBM Spectrum products and how they are offered:
IBM Spectrum Protect
IBM Spectrum Protect Plus
IBM Spectrum Control
IBM Storage Insights
IBM Copy Services Manager
IBM Spectrum Scale/ESS
IBM Spectrum Virtualize
IBM Spectrum Archive
IBM Spectrum Accelerate
IBM Cloud Object Storage
IBM Spectrum Copy Data Management
IBM Spectrum Discover


C1000-018 IBM QRadar SIEM V7.3.2 Fundamental Analysis

Number of questions: 60
Number of questions to pass: 38
Time allowed: 90.0 mins
Status: Live

The test consists of 5 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1: Monitor outputs of configured use cases. 15%
Perform dashboard customization.
Review outputs in all available QRadar Tabs (Dashboards, Log Activity, Network Activity, Assets, etc.).
Navigate to, from and within an offense.
Distinguish offenses from triggered rules.
Review security access trends and anomalies.
Review security risks and network vulnerabilities detected by QRadar.
Describe the different types of rules like behavioral, event, flow, common, offense, anomaly and threshold rules.

Section 2: Perform initial investigation of alerts and offenses created by QRadar. 35%
Describe the use of the magnitude of an offense.
Describe the QRadar network hierarchy.
Explain Offense details on offense details view, why/how it was created.
Identify contributing event and/or flow information for an offense.
Show offense lifecycle (e.g., Open, Closed, Assigned, Hidden, Protected).
Illustrate the right click function (i.e., event filtering, plugins, information, navigate, other).
Break down triggered rules to identify the reason of the offense.
Distinguish potential threats from probable false positives.
Review the vulnerabilities and threat assessment of the hosts that are involved in the offense.
Describe the roles of security devices such as firewall, IDS/IPS, Proxy, Authentication devices, Antivirus software supported by QRadar.
Perform offense management such as assign an offense to a user, close, protect or hide an offense, add notes, send email or mark the offense for follow-up.
Demonstrate how to export Flow/Event data for external analysis.
Summarize the characteristics of the Standard Custom Properties, User-defined Custom Properties and Normalized properties.
Outline Offense Closing Procedures.

Section 3: Identify and escalate undesirable rule behavior to administrator. 20%
Report potential false positives.
Report rule usage and offenses generated by those rules.
Report any abnormal security access trends and events to security admins.
Report threats, risks, or vulnerabilities to network/security admins, based on severity.
Outline simple Offense naming mechanisms.
Interpret rules that test for regular expressions.
Explain relevant test and the test order of the rules.
Illustrate the difference between rule responses and rule actions (e.g. limiter).
Recognize the “special” Building Blocks: Host Definition, Cat Definition, Port Definition.
Describe the usage of the log sources, flow sources, vulnerability scanners, and reference data.
Identify why rules are not being triggered as expected (e.g., dropped from CRE, or local vs global, stateful counters).

Section 4: Extract information for regular or ad hoc distribution to consumer of outputs. 17%
Perform searches using filters.
Perform Quick (Lucene) searches.
Perform Advanced (AQL) searches.
Explain the different uses for each search type (i.e., filtered, Quick and Advanced).
Interpret a timeseries graph in a dashboard.
Select suitable standard Reports for a situation.
Create and generate scheduled and manual reports.
Share findings about offenses by distributing offense detail via email.
Discuss the content of an event or flow, including the normalized fields.

Section 5: Identify and escalate issues with regards to QRadar health and functionality. 13%
Explain QRadar architecture by summarizing QRadar components (i.e., Console, Event Processor, Event Collector, Flow Processor, Data Nodes and Flow Collector, App host).
Interpret common system notifications.
Illustrate the impact of QRadar property indexes.
Distinguish when an event has coalesced information in it.
Illustrate events that are not correctly parsed.
Explain QRadar timestamps (e.g., Log Source Time, Storage time, Start time).
Report any agents or log sources that are not reporting to QRadar on a regular basis.

Overview
PartnerWorld Code: C0003502
Replaces PW Code: 38007401

Status: Live
This entry level certification is intended for security analysts who wish to validate their comprehensive knowledge of IBM Security QRadar SIEM V7.3.2.

These security analysts will understand basic networking, basic security, SIEM, and QRadar concepts.
They will also understand how to log in to, navigate within, and explain capabilities of the product using the graphical user interface.

Additionally, they will be able to identify causes of offenses, and access, interpret, and report security information in a QRadar deployment.

Note: The function of specific apps, apart from the two bundled with the product, is out of scope, but the concept of extending the capability of using apps is in scope.
Recommended Prerequisite Skills

Basic knowledge of:

SIEM concepts

TCP/IP Networking

IT Security concepts

General IT skills (browser navigation etc…)

internet security attack types

additional features that need additional licenses including but not limited to QRadar Vulnerability Manager, QRadar Risk Manager, QRadar Flows, Incident Forensics

Requirements

This certification requires 1 exam

Exam Required:
Click on the link below to see exam details, exam objectives, suggested training and sample tests.

C1000-018 – IBM QRadar SIEM V7.3.2 Fundamental Analysis

The test:

is available at a 50% discount from July to September 2019. To receive the discount, register for and take Test C1000-018 with promotion code HUCSECURE from July to September 2019.

contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer.

is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.
