System Upgrade Preparation

Questions and Answers

You want to perform an upgrade and are getting fully prepared prior to installation. Which program assists with running health checks before major events to determine whether there are any issues that need to be addressed?

A. DrQ (correct)

B. getlogs

C. Validate Deployment

D. health_check

Which data that is assigned to a user is maintained by QRadar after you delete the user's account?

A. The inactivity timeout

B. Saved searches (correct)

C. The security profile

D. The username and password

An administrator plans to deploy multiple log sources that share a common configuration. How many log sources can be added at one time? A. 750 B. 500 C. 1000 D. 250

A. 750

B. 500 (correct)

C. 1000

D. 250

A QRadar administrator recently installed a QRadar content pack that comes shipped with a custom Pulse dashboard. What does the administrator do to make the new dashboard available in the Pulse application?

A. Use the Synchronize function of the Pulse app in the Admin tab

Which option creates an OR condition in the Custom Rules Engine?

B. When the false positive signature matches one of the following signatures

Which of the following changes require standard deployment ?

C. Adding or editing a new user or user role.

Which of the following are true about Data node?

C. A data node is an appliance that you can add to your event and flow processors to increase storage capacity and improve search performance.

What is a reason for restarting hostcontext service in QRadar?

C. The host is not responding to deploy requests

Which tool can be used to check the connections to all managed hosts and verify the versions of ECS and ECS-Ingress services after an upgrade?

C. validate_ecs_service.sh

What option in QRadar allows you to run a weekly report before the full week has elapsed since you created the report?

A. Run Report on Raw Data

Study Notes

Preparation for Upgrade

• The Health Check program assists with running health checks before major events to determine whether there are any issues that need to be addressed.

User Account and Data

• After deleting a user's account, QRadar maintains the assigned data.

Log Sources Deployment

• An administrator can add up to 1000 log sources at one time.

Custom Pulse Dashboard

• To make a custom Pulse dashboard available, the administrator needs to import the custom dashboard in the Pulse application.

Custom Rules Engine

• The 'OR' operator creates an OR condition in the Custom Rules Engine.

Deployment Changes

• Standard deployment is required for certain changes.

Data Node Characteristics

• Data node has the following characteristics (details not specified).

Hostcontext Service Restart

• A reason for restarting the hostcontext service in QRadar is not specified (open-ended).

Connection Verification Tool

• The deployment validator tool can be used to check connections to all managed hosts and verify the versions of ECS and ECS-Ingress services after an upgrade.

Report Scheduling

• QRadar allows you to run a weekly report before the full week has elapsed since you created the report using the ad-hoc reporting option.

Description

Get ready for a smooth upgrade by identifying potential issues beforehand. This quiz helps you prepare for a successful upgrade by running health checks and resolving problems beforehand.