IBM Exam C1000-156 Topic 3 Question 24 Discussion

Actual exam question for IBM's C1000-156 exam

Question #: 24
Topic #: 3

[All C1000-156 Questions]

How can you configure a log source to provide events to different domains?

ACreate a saved search on the Network Activity tab to view events in specific domains.

BUse the Assistant app to update the domain information for the log source.

CUse custom properties to assign events from a single log source to different domains.

DUse the Use Case Manager app to update building blocks to support multi domain events.

Show Suggested Answer

Suggested Answer: C, D

In the Domain Management function of IBM QRadar SIEM, two key data sources that can be assigned to a domain are Flow Collectors and Log Sources. Flow collectors capture and analyze network flow data, while log sources refer to various devices and applications that send log data to QRadar for analysis. By assigning these data sources to a domain, administrators can segment and manage the data more effectively, ensuring that the correct flow and log data are processed and analyzed within the designated domain. This segmentation enhances security and performance by isolating data handling according to domain-specific policies.

Reference QRadar SIEM V7.5 Administration Guide - Chapter on Domain Management and Data Source Assignment

by Lizbeth at Feb 09, 2025, 07:16 AM

Limited Time Offer

25%

15 days ago

I think the answer is C) Use custom properties to assign events from a single log source to different domains.

upvoted 0 times

...