IBM Security QRadar V7.3.1 Fundamental Administration — Question 13

A Guardium administrator installed an S-TAP but is not seeing any data in reports on the collector. The administrator discovered that an Inspection Engine is not configured for that S-TAP.
What is an Inspection Engine?

Answer options

• A. A piece of software residing on the Collectors.
• B. Another software to be installed on the Database server.
• C. The same thing as the policy and it runs on the S-TAP to inspect the traffic in real-time.
• D. A set of parameters needed for the S-TAP to define how to monitor traffic for a particular database instance on a server.

Correct answer: C

Explanation

The correct answer is C because the Inspection Engine is indeed the component that runs on the S-TAP to perform real-time traffic inspection. Option A is incorrect as it describes the location of software that is not an Inspection Engine. Option B incorrectly suggests that the Inspection Engine is separate software, while D misrepresents its function by suggesting it defines monitoring parameters rather than executing the inspection itself.