IBM C2150-612 - IBM Security QRadar SIEM V7.2.6, Associate Analyst Exam

Question #6
Where are events related to a specific offense found?
A. Offenses Tab and Event List window
B. Dashboard and List of Events window
C. Offense Summary Page and List of Events window
D. Under Log Activity, search for Events associated with an Offense
Answer: A
Question #7
What are the various timestamps related to a flow?
A. First Packet Time, Storage Time, Log Source Time
B. First Packet Time, Storage Time, Last Packet Time
C. First Packet Time, Log Source Time, Last Packet Time
D. First Packet Time, Storage Time, Log Source Time, End Time
Answer: B
Question #8
What is indicated by an event on an existing log in QRadar that has a Low Level Category of Unknown?
A. That event could not be parsed
B. That event arrived out of order from the original device
C. That event was from a device that is not supported by QRadar
D. That the event was parsed, but not mapped to an existing QRadar category
Answer: D
Question #9
When using the right-click event filtering functionality on a Source IP, one can filter by Source IP is not [*].
Which two other filters can be shown using the right-click event filtering functionality? (Choose two.)
A. Filter on DNS entry [*]
B. Filter on Source IP is [*]
C. Filter on Time and Date is [*]
D. Filter on Source or Destination IP is [*]
E. Filter on Source or Destination IP is not [*]
Answer: B,D
Question #10
Which pair of options are available in the left column on the Reports Tab?
A. Reports and Owner
B. Reports and Branding
C. Reports and Report Grouping
D. Reports and Scheduled Reports
Answer: B
Total 54 questions