What is the rule for using the Quick Filter to group terms using logical expressions such as AND, OR, and NOT?
A. The syntax is not case sensitive.
B. The syntax is case sensitive and the operators must be upper case to be recognized as logical expressions and not as search terms.
C. The syntax is case sensitive and the operators must be placed between square brackets to be recognized as logical expressions and not as search terms.
D. The syntax is case sensitive and the operators must be lower case and placed between square brackets to be recognized as logical expressions and not as search terms.
Why is coalescing important to a non-admin user?
A. It saves space on disk.
B. It saves events per second.
C. It makes it faster to parse the events.
D. It makes events easier to read in the Log Activity screen.
Which search property is required for a user to create a Time Series chart?
A. Have a saved search filtered by an IP/CIDR
B. Have a saved search using an Order By option
C. Have a saved search displaying only two columns
D. Have a saved search with a Grouped By option enabled
How can a user clear all filters and return to the default search in the Log Activity user interface?
A. Search > Default Search
B. Action menu > Clear All Filters
C. Double-click the Log Activity tab
D. Right-click on the filter and select Clear Filter
What are two ways that asset profiles can be populated? (Choose two.)
A. Flow data
B. Heartbeat traffic
C. Router configuration
D. Windows application logs
E. Vulnerability assessment scans
In which two formats can a user export flow data from the Network Activity tab? (Choose two.)
A. RTF
B. XML
C. PDF
D. CSV
E. HTML
Approximately how many default reports are included in IBM Security QRadar V7.0 MR4?
A. 100
B. 500
C. 1,000
D. 1,500
Which high-level category is used for IBM Security QRadar V7.0 MR4 internal monitoring?
A. Audit
B. Internal
C. Monitor
D. QRadar
Which function queries for offenses using specific criteria and displays those offenses that match the criteria?
A. Find
B. Search
C. Offense Lookup
D. Right-click > Navigate
What are two examples of an exact search phrase for finding Firewall deny events using the Quick Filter? (Choose two.)
A. Firewall deny
B. Firewall*deny
C. Firewall.*deny
D. Firewall + deny
E. "Firewall" + "deny"
Which item in the IBM Security QRadar V7.0 MR4 interface provides a context-sensitive help page that is available for any page, window, or section?
A. Help > Documentation
B. Type Help in the Search field
C. Help drop-down list > Category
D. The question mark in the far right corner
What is the difference between a report and a search in IBM Security QRadar V7.0 MR4?
A. Reports are predefined while searches are customizable by the user.
B. They are the same; there is no difference between reports and searches.
C. A report is a document that represents the output of searches. Results of multiple searches can be integrated into a single report.
D. Searches can be created on any combination of domains like Offenses, Log Activity, or Network Activity. Reports can only be created on a single domain.
Which flow direction would a user specify in order to see flows that are solely related to traffic that originates from the internal networks to external networks?
A. L2L
B. R2L
C. L2R
D. R2R
A user is complaining of slow traffic on a specific network segment. An administrator is investigating the source of the congestion using the IBM Security QRadar V7.0 MR4 (QRadar) Dashboard workspace named Top Applications. The administrator has drilled down into the details of a traffic spike and is now on the Details tab.
What information is shown when double-clicking on the top application in the list?
A. A list of flows sorted by time for the selected application
B. A list of flows sorted by time for all of the top applications listed
C. A list of flows sorted by total byte count for the selected application
D. A list of flows sorted by total byte count for all of the top applications listed
The remote directory field can be left blank for which protocol?
A. FTP
B. TFTP
C. SFTP
D. FTPS