C2150-196 Exam Questions
135 real C2150-196 exam questions with expert-verified answers and explanations. Page 1 of 3.
- Question #1
What are the main functions of the Report wizard within IBM Security QRadar SIEM V7.1?
- Question #2
Where is the optimal location for IBM Security QRadar QFlow appliances to monitor Internet traffic?
- Question #3
How is the WinCollect agent enabled to communicate with the IBM Security QRadar SIEM V7.1 (QRadar) console?
- Question #4
In which section can event or flow hashing be enabled/disabled in IBM Security QRadar SIEM V7.1?
- Question #5
What action(s) can be taken from the Log and Network Activity tab?
- Question #6
Which user account is used to log in when installing the activation key?
- Question #7
What are three types of rules that can be created using the Rule Wizard? (Choose three.)
- Question #8
What is an IBM Security QRadar network object?
- Question #9
Where is an LSX uploaded to IBM Security QRadar SIEM V7.1 to be used by a UDSM in the Admin Section?
- Question #10
When scheduling a vulnerability scan, which factor would be controlled by the Concurrency Mask?
- Question #11
How does a rule generate a new Correlation Rule Engine (CRE) event?
- Question #12
How is a new high level or low level event category added to IBM Security QRadar SIEM V7.1?
- Question #13
By default the Server Discovery function inserts discovered servers into building blocks in which category?
- Question #14
What is the allowable range for Object Weight when defining a network hierarchy object?
- Question #15
What type of host name does IBM Security QRadar SIEM V7.1 require in the network settings Hostname field?
- Question #16
The Retention Properties screen provides many configuration items to allow for managing the contents of the retention bucket. Which two items are available for bucket management? (C...
- Question #17
When adding a managed host using encryption, which network port must be open bi-directionally between the console and new host?
- Question #18
Which script is issued to make changes to the template?
- Question #19
Which two fields are available for indexing in the Index Management page? (Choose two.)
- Question #20
Which two flow sources provide layer 7 payload? (Choose two.)
- Question #21
What is a defining characteristic of an asymmetric flow?
- Question #22
When creating a new IBM Security QRadar SIEM V7.1 user account, the administrator did not give access to the log source group (called MS Domain Security Logs) that contains Microsof...
- Question #23
Which statement best describes the available options when configuring a new routing rule?
- Question #24
Which statement applies to IBM Security QRadar SIEM V7.1 virtual appliances?
- Question #25
How can asset profiles be searched?
- Question #26
What must be done when creating a user's password on an IBM Security QRadar SIEM V7.1 (QRadar) system that is utilizing Active Directory authentication?
- Question #27
What notation is used to enter a class A network 10.0.0.0 into an IBM Security QRadar SIEM V7.1 network hierarchy?
- Question #28
What must be done first when changing the network settings on a console in a multi-system deployment?
- Question #29
What must be done to put licenses into effect after applying a license file using the Managed License action of the System and License Management dialog?
- Question #30
What is the default password to access the Integrated Management Module remote access controller for an IBM Security QRadar appliance?
- Question #31
Which option is available for sharing offenses with non-IBM Security QRadar users?
- Question #32
How are new reference sets created in IBM Security QRadar (QRadar)?
- Question #33
What must be done prior to clicking on False Positive if flows or events are being viewed in streaming mode?
- Question #34
What is the last step to add a protocol based log source?
- Question #35
After gathering all required files from the IBM Security QRadar SIEM V7.1 appliance using SSH connectivity, which protocol can be used to retrieve the tar.bz2 file or any other file...
- Question #36
On the Offense summary page, which filter is executed when the Events icon or the link with the number of events is clicked?
- Question #37
What is a prerequisite to create a report that contains at least one bar chart?
- Question #38
Offenses can be exported to which two file formats? (Choose two.)
- Question #39
Which two actions allow modification of the current displayed search result set? (Choose two.)
- Question #40
Which function can be used to tune out Events/Flows with a specific QID and a specific destination IP address from contributing to an offense?
- Question #41
After editing the IPTables configuration file, which command reloads the IPTables?
- Question #42
How can ALE be used to collect Windows 2008 events?
- Question #43
What would be considerations for defining a Threshold Rule in the Automated Anomaly Analysis?
- Question #44
Where is the activation key located?
- Question #45
Where in the IBM Security QRadar SIEM V7.1 GUI can information be added about a network hierarchy?
- Question #46
Which appliance can be used to throttle bandwidth of event collection?
- Question #47
When a routing rule is configured, why might the Drop option be selected?
- Question #48
A network hierarchy consists of these objects: DMZ 192.168.0.0/16 Webservers 192.168.1.0/24 MailServers 192.168.2.0/24 UserNetwork 10.0.0.0/8 Which object(s) does 192.168.1.5 fall i...
- Question #49
What is event and flow hashing used for in IBM Security QRadar SIEM V7.1?
- Question #50
Which file should be sent to IBM Support if contacting them for system problems?