DES-6322 Specialist – Implementation Engineer, VxRail Exam

 

Certification Overview
Hyperconverged solutions simplify IT operations while reducing operational costs. A VxRail cluster allows businesses to start small when integrating into their datacenters and grown seamlessly. Individuals (internals or partners) supporting VxRail customers are required to understand and follow the implementation services in addition to understanding the extended VxRail environment. Individuals will use the certification to validate their knowledge to support implementation activities.

Certification Requirements
To complete the requirements for this certification you must:

1. Achieve one of the following Associate level certifications*
• Associate – Converged Systems and Hybrid Cloud Version 2.0
• Associate – Cloud Infrastructure and Services Version 3.0

2. Pass the following Specialist exam on or after June 11, 2021:
• DES-6322 Specialist – Implementation Engineer, VxRail Exam

Note: These details reflect certification requirements as of June 11, 2021.
The Proven Professional Program periodically updates certification requirements. *Please check the Proven Professional CertTracker website regularly for the latest information and for other options to meet the Associate level requirement.

Overview
This exam is a qualifying exam for the Specialist – Implementation Engineer, VxRail (DCS-IE) track.
This exam focuses on the overall product, hardware, and software requirements to implement a VxRail cluster. This includes an introduction to VxRail, hardware installation, pre-deployment tasks, environment validation, software implementation, post-deployment procedures, product scale-out options, REST API functionality, and common issues and troubleshooting of events.

Dell Technologies provides free practice tests to assess your knowledge in preparation for the exam. Practice tests allow you to become familiar with the topics and question types you will find on the proctored exam. Your results on a practice test offer one indication of how prepared you are for the proctored exam and can highlight topics on which you need to study and train further. A passing score on the practice test does not guarantee a passing score on the certification exam.

Products likely to be referred to on this exam include but are not limited to:
• Dell EMC VxRail 7.0.XXX
• Dell EMC PowerEdge Servers
• VMware vSphere
• VMware vSAN
• VMware vCenter

Exam Topics
Topics likely to be covered on this exam include:

Introduction to VxRail (8%)
• Describe VxRail use cases, architecture, models, and software stack
• Describe VxRail management, licensing, and data protection options

VxRail Pre-deployment Tasks and Hardware Installation (12%)
• Describe VxRail pre-installation requirements and use of the configuration tools
• Describe VxRail system racking and cabling procedures
• Describe system power up/down and setting management VLAN procedures

VxRail Network Environment Requirements and Initialization (10%)
• Validate the network environment manually
• Validate the network environment using the Network Validation Tool
• Describe ToR network requirements and settings

VxRail System Initialization (17%)
• Describe considerations for deploying Embedded and External vCenter configurations
• Explain differences in the VxRail implementation procedures for various configuration options
• Perform a VxRail initialization using the VxRail First Run Wizard
• Explain requirements for 2-node implementations

VxRail Post-deployment Procedures (20%)
• Perform post-installation validation of the VxRail Cluster Configure support account, SRS, and perform software upgrades
• Describe how to Implement licenses for a VxRail cluster
• Explain the vSAN configuration settings and configure required vSAN settings post deployment
• Configure support account and SRS
• Complete a Test Plan and generate a VxRail As-Built Configuration report

VxRail Cluster Expansion and Stretched Clusters (13%)
• Describe VxRail Upgrade requirements and activities
• Describe VxRail appliance scale-out best practices and the cluster expansion process
• Describe the VxRail Stretched Cluster architecture, features, and requirements

VxRail Troubleshooting (13%)
• Perform VxRail log collections
• Describe VxRail troubleshooting resources and their uses
• Troubleshooting using vSAN tools
• Perform VxRail RASR factory image upgrade and reset procedures

VxRail Appliance REST API (7%)
• Identify REST API functionality available in VxRail and use VxRail API to perform tasks
The percentages after each topic above reflects the approximate distribution of the total question set across the exam.

Recommended Training
The following curriculum is recommended for candidates preparing to take this exam.
Please complete one of the following courses

Please complete one of the following courses Course Title Course Number Mode Available as of VxRail Appliance 7.0.XXX Concepts ES101CPX02007 On Demand 09/11/2020
Please complete the following course Course Title Course Number Mode Available as of VxRail 7.0.XXX Feature - REST API ES102CPX02009 On Demand 04/23/2021
Please complete one of the following courses Course Title Course Number Mode Available as of VxRail Installation and Implementation ES524CPX00074 Classroom/Virtual Classroom 3/5/2021 VxRail 7.0.XXX Installation and Implementation
ES502CPX02031 On Demand 02/22/2021

Note: These exam description details reflect contents as of June 11, 2021.
The Proven Professional Program periodically updates exams to reflect technical currency and relevance. Please check the Proven Professional website regularly for the latest information.

QUESTION 1
What is a consideration when implementing a custom VDS on a VxRail cluster?

A. Used by multiple clusters managed by a single vCenter instance
B. Supported with external and internal vCenter Servers
C. Supports only four NIC uplinks
D. Supports only two NIC uplinks

Correct Answer: B

QUESTION 2
What is the recommended format for host names when using the VxRail Deployment Wizard for an External vCenter solution?

A. FQDN for vCenter Server Host name for VxRail Manager
B. Host name for both vCenter Server and for VxRail Manager
C. FQDN for both vCenter Server and for VxRail Manager
D. Host name for vCenter Server FQDN for VxRail Manager

Correct Answer: A

QUESTION 3
A company needs to enable vSphere GPU capabilities on their VxRail cluster. To do so, they need to purchase a specific entitlement.
What licensing satisfies this requirement?

A. vSphere Enterprise Plus
B. vSAN Enterprise Plus Edition
C. vSAN Advanced Edition
D. vSphere Standard

Correct Answer: B

Examkingdom Dell EMC DES-6322 Exam pdf, Certkingdom Dell EMC DES-6322 PDF

Best Dell EMC DES-6322 Certification, Dell EMC DES-6322 Training at certkingdom.com

C1000-018 IBM QRadar SIEM V7.3.2 Fundamental Analysis Exam

 

Number of questions: 60
Number of questions to pass: 38
Time allowed: 90 mins
Status: Live

The test consists of 5 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.

Section 1: Monitor outputs of configured use cases. 15%
Perform dashboard customization.
Review outputs in all available QRadar Tabs (Dashboards, Log Activity, Network Activity, Assets, etc.).
Navigate to, from and within an offense.
Distinguish offenses from triggered rules.
Review security access trends and anomalies.
Review security risks and network vulnerabilities detected by QRadar.
Describe the different types of rules like behavioral, event, flow, common, offense, anomaly and threshold rules.

Section 2: Perform initial investigation of alerts and offenses created by QRadar. 35%
Describe the use of the magnitude of an offense.
Describe the QRadar network hierarchy.
Explain Offense details on offense details view, why/how it was created.
Identify contributing event and or flow information for an offence.
Show offense lifecycle (e.g., Open, Closed, Assigned, Hidden, Protected).
Illustrate the right click function (ie., event filtering, plugins, information, navigate, other).
Break down triggered rules to identify the reason of the offense.
Distinguish potential threats from probable false positives.
Review the vulnerabilities and threat assessment of the hosts that are involved in the offense.
Describe the roles of security devices such as firewall, IDS/IPS, Proxy, Authentication devices, Antivirus software supported by QRadar.
Perform offense management such as assign an offense to a user, close, protect or hide an offense, add notes, send email or mark the offense for follow-up.
Demonstrate how to export Flow/Event data for external analysis.
Summarize the characteristics of the Standard Custom Properties, User-defined Custom Properties and Normalized properties.
Outline Offense Closing Procedures.

Section 3: Identify and escalate undesirable rule behavior to administrator. 20%
Report potential false positives.
Report rule usage and offenses generated by those rules.
Report any abnormal security access trends and events to security admins.
Report threats, risks, or vulnerabilities to network/security admins, based on severity.
Outline simple Offense naming mechanisms.
Interpret rules that test for regular expressions.
Explain relevant test and the test order of the rules.
Illustrate the difference between rule responses and rule actions (e.g. limiter).
Recognize the "special" Building Blocks: Host Definition, Cat Definition, Port Definition.
Describe the usage of the log sources, flow sources, vulnerability scanners, and reference data.
Identify why rules are not being triggered as expected (e.g., dropped from CRE, or local vs global, stateful counters).

Section 4: Extract information for regular or adhoc distribution to consumer of outputs. 17%
Perform searches using filters.
Perform Quick (Lucene) searches.
Perform Advanced (AQL) searches.
Explain the different uses for each search type (ie., filtered, Quick and Advanced).
Intepret a timeseries graph in a dashboard.
Select suitable standard Reports for a situation.
Create and generate scheduled and manual reports.
Share findings about offenses by distributing offense detail via email.
Discuss the content of an event or flow, including the normalized fields.

Section 5: Identify and escalate issues with regards to QRadar health and functionality. 13%
Explain QRadar architecture by summarizing QRadar components (ie., Console, Event Processor, Event Collector, Flow Processor, Data Nodes and Flow Collector, App host).
Interpret common system notifications.
Illustrate the impact of QRadar property indexes.
Distinguish when an event has coalesced information in it.
Illustrate events that are not correctly parsed.
Explain QRadar timestamps (e.g., Log Source Time, Storage time, Start time).
Report any agents or log sources that are not reporting to QRadar on a regular basis.

Overview
PartnerWorld Code: C0003502
Replaces PW Code: 38007401
Status: Live

This entry level certification is intended for security analysts who wish to validate their comprehensive knowledge of IBM Security QRadar SIEM V7.3.2.

These security analysts will understand basic networking, basic Security and SIEM and QRadar concepts.
They will also understand how to log in to, navigate within, and explain capabilities of the product using the graphical user interface.

Additionally, they will also be able to identify causes of offenses, and access, interpret, and report security information in a QRadar deployment.

Note: The function of specific apps, apart from the two bundled with the product, is out of scope, but the concept of extending the capability of using apps is in scope.

Recommended Prerequisite Skills
Basic knowledge of:
SIEM concepts
TCP/IP Networking
IT Security concepts
General IT skills (browser navigation etc...)
internet security attack types additional features that need additional licenses including but not limited to QRadar Vulnerability Manager, QRadar Risk Manager, QRadar Flows, Incident Forensics

Requirements
This certification requires 1 exam

Exam Required:
Click on the link below to see exam details, exam objectives, suggested training and sample tests.

C1000-018 - IBM QRadar SIEM V7.3.2 Fundamental Analysis

The test: contains questions requiring single and multiple answers. For multiple-answer questions, you need to choose all required options to get the answer correct. You will be advised how many options make up the correct answer. is designed to provide diagnostic feedback on the Examination Score Report, correlating back to the test objectives, informing the test taker how he or she did on each section of the test. As a result, to maintain the integrity of each test, questions and answers are not distributed.

QUESTION 1
Which use case type is appropriate for VPN log sources? (Choose two.)

A. Advanced Persistent Threat (APT)
B. Insider Threat
C. Critical Data Protection
D. Securing the Cloud

Correct Answer: AB

QUESTION 2
What is displayed in the status bar of the Log Activity tab when streaming events?

A. Average number of results that are received per second.
B. Average number of results that are received per minute.
C. Accumulated number of results that are received per second.
D. Accumulated number of results that are received per minute.

Correct Answer: A

QUESTION 3
An analyst wants to analyze the long-term trending of data from a search.
Which chart would be used to display this data on a dashboard?

A. Bar Graph
B. Time Series chart
C. Pie Chart
D. Scatter Chart

Correct Answer: A

Examkingdom IBM C1000-018 Exam pdf, Certkingdom IBM C1000-018 PDF

Best IBM C1000-018 Certification, IBM C1000-018 Training at certkingdom.com