IBM Exam C1000-055 Topic 10 Question 3 Discussion

Actual exam question for IBM's C1000-055 exam

Question #: 3
Topic #: 10

A systems team has configured their application to send syslog via tcp to a QRadar event collector. The deployment professional has noted that no such logs have arrived for the pre-defined log source.

To troubleshoot this and to prove this traffic has/has not arrived at the event collector, what command can be used from the event collector CLI?

(The Device_Address is an IPv4 address or a host name)

Apcap -s 0 -A host Device_Address and udp port 514

Bpcap -s 0 -A host Device Address and port 514

Ctcpdump -s 0 -A host DeviceAddress and port 514

Dtcpdump -s 0 -A host Device Address and udp port 514

Show Suggested Answer

Suggested Answer: B

by France at May 09, 2022, 07:41 AM

Limited Time Offer

25%

Off

Get Premium C1000-055 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!