Create Next App

Exam contains 57 questions

Page 9 of 10

Question 49 🔥

An Administrator of an IBM Security QRadar SIEM V7.2.8 deployment needs to exclude the mail servers from a custom rule.How would the Administrator complete this task?

Which database solution meets these requirements?

C. Create a custom rule. In the "Rule Response" section of the Rule Wizard, select the Trigger Scan option. Add the mail server IP Addresses to the table and select exclude.

Highly voted

D. Create the custom rule. Create a Custom Action from the Admin Tab, to exclude the mail servers IP Addresses. In the "Rule Response" section of the Rule

Highly voted

A. Create a building block that includes the IP addresses of all mail servers, use that building block in the custom rule, to exclude those hosts.

Highly voted

B. Create several rules excluding each mail server. Place these rules with the custom rule in a master rule, making sure the custom rule is last in the sequence.

Highly voted

Discussion of the question

Question 50 🔥

How can an IBM Security QRadar SIEM V7.2.8 Administrator capture specific data to a reference set when QRadar receives the data from events or flow data?

Which database solution meets these requirements?

A. Create or modify a report so the required data is exported to a Reference Set.

Highly voted

B. On the Admin tab. create or modify the reference set to capture the required data.

Highly voted

C. On the Admin tab define a Custom Action to add the required data to a Reference Set.

Highly voted

D. Create or modify a rule so the Rule Response will add the required data to a Reference Set.

Highly voted

Discussion of the question

Question 51 🔥

What are three protocols that collect flow data from network devices, such as routers, and send this data to IBM Security QRadar SIEM V7.2.8?

Which database solution meets these requirements?

A. NetFlow, J-Flow and sFlow

Highly voted

B. NetFlow, IPFIX and syslog

Highly voted

C. NetFlow, rsyslog and sFlow

Highly voted

D. NetFlow, Packeteer and syslog

Highly voted

Discussion of the question

Question 52 🔥

An Administrator is adding a log source in IBM Security QRadar SIEM V7.2.8.What required software application that supports the log source should be used for this procedure?

Which database solution meets these requirements?

A. QRadar QFlow Collector

Highly voted

B. QRadar Event Collector

Highly voted

C. Device Support Module (DSM)

Highly voted

D. IBM X-Force Exchange plug-in for QRadar

Highly voted

Discussion of the question

Question 53 🔥

What is the difference between Flows and Event data collected by IBM Security QRadar SIEM V7.2.8?

Which database solution meets these requirements?

A. Events are streamed each minute to the Event Processor. Flows are streamed immediately to the Flow Processor.

Highly voted

B. Flow data is collected from different log sources. Event data is collected from internal or external network sources.

Highly voted

C. An Event occurs at a specific time and is logged at that time. A Flow is a record of network activity that can last for seconds, minutes, hours, or days.

Highly voted

D. An Event can span time lasting seconds, minutes, hours depending on the duration of a network session. A Flow happens at a single point in time and then is

Highly voted

Discussion of the question

Question 54 🔥

What is needed to send the same events and flows to separate data centers or geographically separate sites and enable data redundancy in IBM Security QRadarSIEM V7.2.8?

Which database solution meets these requirements?

A. A Flashcopy or GlobalMirror License.

Highly voted

B. A dark fibre network and proper configuration of the backup and recovery feature.

Highly voted

C. A load balancer or other method to deliver the same data to mirrored appliances.

Highly voted

D. Use the Backup and Recovery automation feature in QRadar and a dedicated fiber channel connection.

Highly voted

Discussion of the question

Ready to Pass Your Certification Test

ibm C2150_624

Exam contains 57 questions

Lorem ipsum dolor sit amet consectetur. Eget sed turpis aenean sit aenean. Integer at nam ullamcorper a.

Company

Product

Resources

Follow us