Download IBM Security QRadar SIEM V7.2.7 Deployment.C2150-614.CertKey.2018-11-09.35q.tqb

Vendor: IBM
Exam Code: C2150-614
Exam Name: IBM Security QRadar SIEM V7.2.7 Deployment
Date: Nov 09, 2018
File Size: 614 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
A Deployment Professional has detected a big spike in a customer’s “Malware infection detected” rule that monitors their endpoint anti-virus solution. The spike happened over the weekend, but when the rule was checked, it was not changed. Since Monday morning, the rule has spiked and has not yet stopped generating offenses. 
What was added to the customer's QRadar log sources that caused this problem? 
  1. Proxies
  2. Flow Collectors
  3. Domain Controllers
  4. Guest network in their offices.
Correct answer: B
Explanation:
Rules perform tests on events, flows, or offenses. If all the conditions of a test are met, the rule generates a response. QRadar QFlow Collector passively collects traffic flows from your network through span ports or network taps. The IBM Security QRadar QFlow Collector also supports the collection of external flow-based data sources, such as NetFlow. References:http://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.qradar.doc/shc_qradar_comps.htmlhttp://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.qradar.doc/c_qradar_gs_rules.html
Rules perform tests on events, flows, or offenses. If all the conditions of a test are met, the rule generates a response. 
QRadar QFlow Collector passively collects traffic flows from your network through span ports or network taps. The IBM Security QRadar QFlow Collector also supports the collection of external flow-based data sources, such as NetFlow. 
References:
http://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.qradar.doc/shc_qradar_comps.html
http://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.qradar.doc/c_qradar_gs_rules.html
Question 2
A customer has existing complex network infrastructure with many redundant links and the IP packets are taking different paths for inbound and outbound traffic. A Deployment Professional needs to configure SFlow. 
What should be configured in IBM Security QRadar SIEM V7.2.7 to support this specific case? 
  1. Enable flow forwarding
  2. Disable flow forwarding
  3. Enable asymmetric flows
  4. Disable symmetric flows
Correct answer: C
Explanation:
In some networks, traffic is configured to take alternate paths for inbound and outbound traffic. This routing is called asymmetric routing. However, if you want to combine flows from multiple QRadar QFlow Collector components, you must configure flow sources in the Asymmetric Flow Source Interface(s) parameter in the QRadar QFlow Collector configuration. The Yes option enables the QRadar QFlow Collector to recombine asymmetric flows. The No option prevents the QRadar QFlow Collector from recombining asymmetric flows. References: http://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.qradar.doc/t_qradar_adm_config_qflow_col.html
In some networks, traffic is configured to take alternate paths for inbound and outbound traffic. This routing is called asymmetric routing. 
However, if you want to combine flows from multiple QRadar QFlow Collector components, you must configure flow sources in the Asymmetric Flow Source Interface(s) parameter in the QRadar QFlow Collector configuration. 
The Yes option enables the QRadar QFlow Collector to recombine asymmetric flows. 
The No option prevents the QRadar QFlow Collector from recombining asymmetric flows. 
References: http://www.ibm.com/support/knowledgecenter/SS42VS_7.2.7/com.ibm.qradar.doc/t_qradar_adm_config_qflow_col.html
Question 3
In IBM Security QRadar SIEM V7.2.7, the number of Aggregated Data Management Views were increased. 
How many additional views were added?
  1. 100
  2. 120
  3. 130
  4. 170
Correct answer: D
Explanation:
The limit of 130 aggregated views has been reached in QRadar 7.2.6 and earlier. The number of aggregated data views was increased in QRadar 7.2.7 to 300 aggregated data views. References: http://www-01.ibm.com/support/docview.wss?uid=swg21690762
The limit of 130 aggregated views has been reached in QRadar 7.2.6 and earlier. The number of aggregated data views was increased in QRadar 7.2.7 to 300 aggregated data views. 
References: http://www-01.ibm.com/support/docview.wss?uid=swg21690762
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!