IBM C2150-612 Exam Questions

Question 6 of 54

What is the primary goal of data categorization and normalization in QRadar?

It allows data from different kinds of devices to be compared.

It preserves original data allowing for forensic investigations.

It allows for users to export data and import it into other system.

It allows for full-text indexing of data to improve search performance.

Correct Answer: A

Question 7 of 54

Which set of information is provided on the asset profile page on the assets tab in addition to ID?

Asset Name, MAC Address, Magnitude, Last user

IP Address, Asset Name, Vulnerabilities, Services

IP Address, Operating System, MAC Address, Services

Vulnerabilities, Operative System, Asset Name, Magnitude

Correct Answer: C

Question 8 of 54

Which type of search uses a structured query language to retrieve specified fields from the events, flows, and simarc tables?

Add Filter

Asset Search

Quick Search

Advanced Search

Correct Answer: D

Question 9 of 54

When using the right click event filtering functionality on a Source IP, one can filter by "Source IP is not [*]".
Which two other filters can be shown using the right click event filtering functionality? (Choose two.)

Filter on DNS entry [*]

Filter on Source IP is [*]

Filter on Time and Date is [*]

Filter on Source or Destination IP is [*]

Filter on Source or Destination IP is not [*]

Correct Answer: B, D

Question 10 of 54

What is indicated by an event on an existing log in QRadar that has a Low Level Category of "Unknown"?

That event could not be parsed

That event arrived out of order from the original device

That event was from a device that is not supported by QRadar

That the event was parsed, but not mapped to an existing QRadar category

Correct Answer: D