IBM C2150-614 Exam Questions

Question 6 of 60

A customer has existing complex network infrastructure with many redundant links and the IP packets are taking different paths for inbound and outbound traffic. A
Deployment Professional needs to configure SFlow.
What should be configured in IBM Security QRadar SIEM V7.2.7 to support this specific case?

A.

Enable flow forwarding

B.

Disable flow forwarding

C.

Enable asymmetric flows

D.

Disable symmetric flows

Question 7 of 60

In IBM Security QRadar SIEM V7.2.7, the number of Aggregated Data Management Views were increased.
How many additional views were added?

A.

100

B.

120

C.

130

D.

170

Question 8 of 60

Two multi-site companies with international presences are merging and consolidating their operations. The companies have decided that the relevant information on each site must be available to the local users only.
How should IBM Security QRadar SIEM V7.2.7 be configured to comply with this request?

A.

The domains must be used with security profiles to limit the available information to a group of users within that domain.

B.

The networks must be used with security profiles to limit the available information to a group of users within that domain.

C.

The multi-tenancy must be configured to isolate the users and then domains will be used to assign log sources and networks to these users.

D.

The multi-tenancy must be configured to allow each company to isolate and control their assets, log sources, users, networks, flows, and dashboards.

Question 9 of 60

A client has configured a log source to forward events to IBM Security QRadar SIEM V7.2.7. It is recommended that the log source level be configured at the notice level by the DSM Guide, but the client has a policy to log all events at a debug level.
The Deployment Professional notices that the configured DSM is parsing most events, but some are being labeled as stored. The client is very interested in correlating some of the events that are being stored.
What should be created to meet this client's goal?

A.

Custom flow property

B.

Custom event property

C.

Custom DSM for parsing overrule

D.

Custom DSM for parsing enhancement

Question 10 of 60

You are tasked with configuring IBM Security QRadar SIEM V7.2.7 to pull a log file that generated daily at midnight from a custom application on a Microsoft
Windows Server.
Which log source protocol should be used to accomplish this task?

A.

WinCollect MSRPC

B.

WinCollect Agent

C.

WinCollect Log File

D.

WinCollect File Forwarder