What is an Offense Type?
A. The offense response
B. A scoring priority of Set by Event
C. The destination of the e-mail notification sent
D. The index option chosen in the rule that created the offense
What effect does the Offense Retention period have on closed offenses and who can modify this period?
A. The Offense Retention period determines how long a closed offense will be kept in the database before it is deleted. The only person who can modify this period is an IBM Security QRadar V7.0 MR4 (QRadar) admin.
B. Once an offense is closed, any other QRadar user will be able to open it again for the time given by the Offense Retention period. The person who closes an offense is also the person who determines the offense retention period of the closed offense.
C. The offense retention period has no effect on closed offenses. A closed offense is the same as a deleted offense, and offenses that are deleted do not have a retention time. Only QRadar admins can change the offense retention period because it is found in the Admin tab.
D. The offense retention period has no effect on the closed offenses but only on offenses under evaluation. While the QRadar magistrate evaluates and correlates offenses, it may rely on the life span of an offense. Everyone who can create QRadar rules can modify the offense retention period.
How can a user quickly reload the default filter in their current tab?
A. Use the View option
B. Use the Display option
C. Clear all the current filters
D. Double-click the Tab button
A flow is always based on what?
A. unicast and anycast traffic
B. unicast and broadcast traffic
C. unicast, multicast, and anycast traffic
D. unicast, broadcast, and multicast traffic
What is an example of a correctly written single character wild card search term using the Quick Filter?
A. Firewall
B. F(?)rewall
C. "F"(?)"rewall"
D. "FT ?)"rewall"
A user is complaining of slow traffic on a specific network segment. An administrator is investigating the source of the congestion using the IBM Security QRadar V7.0 MR4 (QRadar) Dashboard workspace named Top Applications. The administrator has drilled down into the details of a traffic spike and is now on the Details tab.
If the administrator double-clicks on the top application in the list, and then sorts by the Total Bytes column, what information is displayed regarding the source and destination IPs of the devices?
A. The devices causing the least traffic for all applications
B. The devices causing the most traffic for all applications
C. The devices causing the least traffic for the selected application
D. The devices causing the most traffic for the selected application
What is the most likely issue with creating a custom property with a bad regex?
A. It slows down the reports when they are executed.
B. It slows down the searching in the Log Activity Viewer.
C. It slows down the event parsing when events are processed.
D. It slows down the dashboard charts while searching for the data.
Which column in the log activity displays the coalesced value?
A. Count
B. Raw Count
C. Event Count
D. Roll-up Count
What are three time range options in the New/Edit search dialog box? (Choose three.)
A. Recent
B. Last Year
C. Real Time
D. Next Week
E. Last Month
F. Specific Interval
On the Offenses tab, which option displays offenses by access, exploit, or malware?
A. By Rules
B. By Category
C. By Definition
D. By Source IP