IBM C2150-624 Exam Questions

Question 6 of 60

An Administrators will add a secondary host to an IBM Security QRadar SIEM V7.2.8 Console in a High Availability (HA) deployment scenario.
After checking the compatibility between primary and secondary HA pairs, what other prerequisite should the Administrator check within Managed Interfaces?

A.

The shared external storage.

B.

The server certificate that is issued by the local CA.

C.

The existence of an additional distributed file system.

D.

The communication for Distributed Replicated Block Device.

Question 7 of 60

An Administrator working with IBM Security QRadar SIEM V7.2.8 needs to delete a single value named User1 from a reference set with the name "Allowed Users" from the command line interface.
Which command will accomplish this?

A.

./UtilReferenceSet.sh purge "Allowed Users" User1

B.

./ReferenceSetUtil.sh purge "Allowed Users" User1

C.

./ReferenceSetUtil.sh delete "Allowed\ Users" User1

D.

./UtilReferenceSet.sh delete "Allowed\ Users" User1

Question 8 of 60

When it comes to licensing, what is the difference between Events and Flows and how they are licensed?

A.

Flows are licensed based on overall count over a minute, where Events are licensed based on overall count per second.

B.

Flows are licensed based on overall count per second, where Events are licensed based on overall count over a minute.

C.

Flows and Events are both licensed by overall count per minute under an Upgraded License and per second on a Basic License.

D.

Flows and Events are both licensed by overall count per second under an Upgraded License and per second on a Basic License.

Question 9 of 60

When an IBM Security QRadar SIEM V7.2.8 distributed deployment requires scaling horizontally to achieve Event per Second (EPS) requirements, what QRadar
Component needs to be added to meet the EPS demands?

A.

Event Manager

B.

Event Indexing

C.

Event Collector

D.

Event Processor

Question 10 of 60

The event data collected by IBM Security QRadar SIEM V7.2.8 is being deleted after one month. The legal department required the data be kept for two months.
What can the administrator do to accommodate this requirement?

A.

Change the nightly backup Priority to "High".

B.

Change the nightly backup to a monthly backup.

C.

Change the Default Event Retention Policy property field "Do not delete data in this bucket" to two months.

D.

Change the Default Event Retention Policy property field "Keep data placed in this bucket for" to two months.