Download IBM.C2150-612.ExamsKey.2018-12-27.33q.tqb
| Vendor: | IBM |
| Exam Code: | C2150-612 |
| Exam Name: | IBM Security QRadar SIEM V7.2.6 Associate Analyst |
| Date: | Dec 27, 2018 |
| File Size: | 111 KB |
Demo Questions
Question 1
Which type of search uses a structured query language to retrieve specified fields from the events, flows, and simarc tables?
- Add Filter
- Asset Search
- Quick Search
- Advanced Search
Correct answer: D
Explanation:
References:http://www.ibm.com/support/knowledgecenter/en/SS42VS_7.2.7/com.ibm.qradar.doc/c_qradar_ug_search_bar.html References:
http://www.ibm.com/support/knowledgecenter/en/SS42VS_7.2.7/com.ibm.qradar.doc/c_qradar_ug_search_bar.html
Question 2
When using the right click event filtering functionality on a Source IP, one can filter by “Source IP is not [*]”.
Which two other filters can be shown using the right click event filtering functionality? (Choose two.)
- Filter on DNS entry [*]
- Filter on Source IP is [*]
- Filter on Time and Date is [*]
- Filter on Source or Destination IP is [*]
- Filter on Source or Destination IP is not [*]
Correct answer: BD
Question 3
What is indicated by an event on an existing log in QRadar that has a Low Level Category of “Unknown”?
- That event could not be parsed
- That event arrived out of order from the original device
- That event was from a device that is not supported by QRadar
- That the event was parsed, but not mapped to an existing QRadar category
Correct answer: D
Explanation:
References:https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.dsm.doc/c_DSM_guide_UniversalLEEF_eventmap.html#c_dsm_guide_universalleef_eventmap References:
https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.dsm.doc/c_DSM_guide_UniversalLEEF_eventmap.html#c_dsm_guide_universalleef_eventmap
