Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home IBM C2150-612

IBM C2150-612 Exam Practice Questions (P. 1)

  • Full Access (54 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #1
Where can a user add a note to an offense in the user interface?
  1. A
    Dashboard and Offenses Tab
  2. B
    Offenses Tab and Offense Detail Window
  3. C
    Offenses Detail Window, Dashboard, and Admin Tab
  4. D
    Dashboard, Offenses Tab, and Offense Detail Window

Correct Answer:
B
References:
IBM Security QRadar SIEM Users Guide. Page: 34

Question #2
When might a Security Analyst want to review the payload of an event?
  1. A
    When immediately after login, the dashboard notifies the analyst of payloads that must be investigated
  2. B
    When "Review payload" is added to the offense description automatically by the "System: Notification" rule
  3. C
    When the event is associated with an active offense, the payload may contain information that is not normalized or extracted fields
  4. D
    When the event is associated with an active offense with a magnitude greater than 5, the payload should be reviewed, otherwise it is not necessary

Correct Answer:
C

Question #3
Which key elements does the Report Wizard use to help create a report?
  1. A
    Layout, Container, Content
  2. B
    Container, Orientation, Layout
  3. C
    Report Classification, Time, Date
  4. D
    Pagination Option, Orientation, Date

Correct Answer:
A
References:
IBM Security QRadar SIEM Users Guide. Page: 201

Question #4
How is an event magnitude calculated?
  1. A
    As the sum of the three properties Severity, Credibility and Relevance of the Event
  2. B
    As the sum of the three properties Severity, Credibility and Importance of the Event
  3. C
    As a weighted mean of the three properties Severity, Credibility and Relevance of the Event
  4. D
    As a weighted mean of the three properties Severity, Credibility and Importance of the Event

Correct Answer:
C

Question #5
What is a benefit of using a span port, mirror port, or network tap as flow sources for QRadar?
  1. A
    These sources are marked with a current timestamp.
  2. B
    These sources show the ASN number of the remote system.
  3. C
    These sources show the username that generated the flow.
  4. D
    These sources include payload for layer 7 application analysis.

Correct Answer:
D
References:
https://www.ibm.com/developerworks/community/forums/html/topic?id=dd3861e0-f630-4a53-94c3-b426a47b6e02

Next Questions

All Pages