C2150-400 Online Practice Questions and Answers

Questions 4

A QRadar SIEM administrator wants to create a Flow Rule that includes a building block definition (BB) that includes applications that indicate communication with file sharing sites. In which group will the administrator find this specified building block?

A. Policy

B. Host Definitions

C. Network Definition

D. Category Definitions

Questions 5

Which character is used for naming subgroups when using the option Add Group in the Network Hierarchy editor?

A. + (plus)

B. . (period)

C. \ (backslash)

D. / (forward slash)

Questions 6

Which directory from the QRadar host can be moved to offboard storage?

A. /var

B. /store

C. /home

D. /media

Questions 7

Which two search filters are available on the QRadar console while making an asset search? (Choose two.)

A. PCI Severity, NERC Severity

B. Vulnerability CVSS Base Score, Vulnerability Risk Score

C. Vulnerability on Open Port, Vulnerability on Open Service

D. Vulnerability on Open Port, Vulnerability External Reference

E. Vulnerability on Source Port, Vulnerability on Destination Port

Questions 8

What is a benefit of enabling indexes on event properties?

A. Improved Offense Correlation

B. Improved search performance

C. Improved Performance of Custom Rules

D. Improved accuracy of auto-discovery log sources

Questions 9

What does the message in the System Notification Widget on the Dashboard "Disk Sentry: Disk Usage exceeded max threshold" tell you?

A. One of your file systems has exceeded 92%.

B. One of your file systems has exceeded 95%.

C. One of your file systems has exceeded 98%.

D. One of your file systems has exceeded 90%.

Questions 10

Where in QRadar SIEM is the email address located from which you want to receive email alerts?

A. Admin > System settings > Alert Email From Address

B. Admin > Console settings > Alert Email From Address

C. Admin > System settings > Administrative Email Address

D. Admin > Console settings > Administrative Email Address

Questions 11

Which two formats are available for reports generated from the QRadar Reporting Tab? (Choose two.)

A. TXT

B. CSV

C. PDF

D. HTML

E. PostScript

Questions 12

Which action prevents an offense from being removed from the database?

A. Hide

B. Show

C. Export

D. Protect

Questions 13

Who can view all offenses?

A. All users

B. Admin user

C. User who has access to All Log Sources and All Networks

D. Restricted User who has access to a Specific Log Source and Network

Exam Code: C2150-400
Exam Name: IBM Security QRadar SIEM Implementation v 7.2.1
Last Update: Mar 21, 2024
Questions: 175