A2150-195 Online Practice Questions and Answers

Which event search group contains default PCI searches?

A. Compliance

B. System Monitoring

C. Network Monitoring and Management

D. Authentication, Identity, and User Activity

If the IBM Security QRadar V7.0 MR4 operator wants to graph the flow data in the Network Activity tab, which three chart types can be presented? (Choose three.)

A. Pie Chart

B. Bar Chart

C. Line Chart

D. Area Chart

E. Gant Chart

F. Time Series Chart

If an IBM Security QRadar V7.0 MR4 operator wants to detect a specific data string in the flow content, which search parameter should be used as a filter?

A. Source IP

B. Event Name

C. Remote Network

D. Source Payload Contains

Where would a user set a searched view as the default view?

A. Under Save Criteria

B. Under the Admin tab

C. Select the View drop-down list

D. Select Default under the Actions menu

Which search property is required for a user to create a Time Series chart?

A. Have a saved search filtered by an IP/CIDR

B. Have a saved search using an Order By option

C. Have a saved search displaying only two columns

D. Have a saved search with a Grouped By option enabled

Which search parameter in the Log Activity tab must be used to filter events by activity (e.g. SSH Login Succeeded)?

A. Category

B. Magnitude

C. User Name

D. Log Source

When working with rules, why do some rules specify QID values and some specify events?

A. Only low and high level categories can be specified within rules.

B. It is a matter of convention; QIDmap and event names are the same.

C. Event names are more precise; multiple events can be to the same QIDmap entry.

D. QID values are more precise; multiple QIDmap entries can be to same event name.

IBM Security QRadar V7.0 MR4 (QRadar) events that match a particular QRadar event rule are given a magnitude. This magnitude is a combination of which three factors?

A. Severity. Relevance, Weight

B. Severity, Frequency, Weight

C. Severity, Quantity, Credibility

D. Severity, Relevance, Credibility

What are three data types provided by right-clicking IP address > More Options list > Information menu? (Choose three.)

A. Port Scan

B. DateyTime

C. DNS lookup

D. WHOIS lookup

E. Source Summary

F. Destination Summary

Given the IBM Security Framework, IBM Security QRadar V7.0 MR4 fits into which two security domains? (Choose two.)

A. Data

B. People and Physical Security

C. Infrastructure, Network, or Endpoint

D. Applications and Application Security

E. IT Security/Compliance Analytics and Reporting