IBM C2150-612 Exam Questions

Question 6 of 54

What is the primary goal of data categorization and normalization in QRadar?

A.

It allows data from different kinds of devices to be compared.

B.

It preserves original data allowing for forensic investigations.

C.

It allows for users to export data and import it into other system.

D.

It allows for full-text indexing of data to improve search performance.

Question 7 of 54

Which set of information is provided on the asset profile page on the assets tab in addition to ID?

A.

Asset Name, MAC Address, Magnitude, Last user

B.

IP Address, Asset Name, Vulnerabilities, Services

C.

IP Address, Operating System, MAC Address, Services

D.

Vulnerabilities, Operative System, Asset Name, Magnitude

Question 8 of 54

Which type of search uses a structured query language to retrieve specified fields from the events, flows, and simarc tables?

A.

Add Filter

B.

Asset Search

C.

Quick Search

D.

Advanced Search

Question 9 of 54

When using the right click event filtering functionality on a Source IP, one can filter by "Source IP is not [*]".
Which two other filters can be shown using the right click event filtering functionality? (Choose two.)

A.

Filter on DNS entry [*]

B.

Filter on Source IP is [*]

C.

Filter on Time and Date is [*]

D.

Filter on Source or Destination IP is [*]

E.

Filter on Source or Destination IP is not [*]

Question 10 of 54

What is indicated by an event on an existing log in QRadar that has a Low Level Category of "Unknown"?

A.

That event could not be parsed

B.

That event arrived out of order from the original device

C.

That event was from a device that is not supported by QRadar

D.

That the event was parsed, but not mapped to an existing QRadar category