Which option needs to be specified in the syslinux configuration file to reinstall an IBM QRadar appliance via serial port from a USB flash drive?
A. USB to serial
B. Default serial
C. Serial to USB
D. serial redirect
IBM Security QRadar SIEM can be forced to run an instant configuration backup by selecting which option?
A. Backup Now
B. On Demand Backup
C. Launch On Demand Backup
D. Configure On Demand Backup
Which option on the Reports tab allows you to import logos and specific images for use on reports?
A. Design
B. Images
C. Branding
D. Customization
Where does the information about the total number of assets and vulnerabilities processed appear?
A. Asset table in Assets tab
B. VA Scanner Configuration screen
C. Vulnerabilities Tab > Scan Result
D. Mouse Over popup on Schedule Scan Status field
Which operating system is supported for creating a bootable flash drive for recovery?
A. IBM AIX
B. Mac OS X
C. Ubuntu Linux
D. Windows OS
A QRadar SIEM administrator wants to report when a local system connects to the internet on more than 100 destination ports over a 2-hour period. The administrator created an anomaly rule to capture this scenario.
Which type of rule should be selected in the rule creation wizard in this situation?
A. Flow Rule
B. Event Rule
C. Offense Rule
D. Common Rule
Which appliance is used to collect, store, and process event and flow data in case of hardware and network failure?
A. Replicated appliance
B. Secondary appliance
C. High availability appliance
D. High accessibility appliance
Who can view all offenses?
A. All users
B. Admin user
C. User who has access to All Log Sources and All Networks
D. Restricted User who has access to a Specific Log Source and Network
Which two fields are required to be filled out when adding a new network to the network hierarchy? (Choose two.)
A. Group
B. Country
C. Mail Server
D. DNS Server
E. IP and CIDR
A QRadar administrator is developing custom uDSMs for an unsupported device. Given this event payload:
<13> Jan 28 12:57:23 9.77.16.19 AgentDevice=FileForwarder AgentLogFile=logger1.log Payload=January 28,2014 12:53:50 PM GMT+05:30|HOST_CREATE_ERROR|Host{1:testserver40} create failed on array {0:Abc}
Which regular expression should the administrator define for parsing the hostname "testserver40"?
A. \w+\s+{.*?\\s}
B. \w+\s+{\d+\:(\.*?)\}
C. \w+\s+{\d+\:(\w+)\}
D. \w+\s+{\d+\:([a-zA-Z]+)\}