Question 6 of 60
A client has configured a log source to forward events to IBM Security QRadar SIEM V7.2.7. It is recommended that the log source level be configured at the notice level by the DSM Guide, but the client has a policy to log all events at a debug level.
The Deployment Professional notices that the configured DSM is parsing most events, but some are being labeled as stored. The client is very interested in correlating some of the events that are being stored.
What should be created to meet this client's goal?
    Correct Answer: D

Question 7 of 60
You are tasked with configuring IBM Security QRadar SIEM V7.2.7 to pull a log file that generated daily at midnight from a custom application on a Microsoft
Windows Server.
Which log source protocol should be used to accomplish this task?
    Correct Answer: B

Question 8 of 60
A Deployment Professional has a reference list of usernames that is used in rules. The Deployment Professional needs to be able to remove a username from the reference list when an offense is detected from a log event.
How can a Deployment Professional accomplish this goal?
    Correct Answer: B

Question 9 of 60
A Deployment Professional has created a new Building Block (BB), and it's not returning any expected events. The Deployment Professional has checked to ensure the BB is enabled and active. No errors are returned.
What should be done to correct this BB problem?
    Correct Answer: A

Question 10 of 60
A Deployment Professional has come on-site to upgrade a IBM Security QRadar SIEM V7.2.7 deployment to a new fix level. Before running the upgrade, the software and fix versions must be verified.
What must the Deployment Professional verify?
    Correct Answer: A