C2150-400 Online Practice Questions and Answers

What should the format of a CSV file be while importing assets on the QRadar console?

A. ip,portweight,description

B. ip,name,weightmagnitude

C. ip.name.weight.description

D. ip.name.severity.description

Which default flow source is included in the QRadar SIEM?

A. IPFIX

B. jFlow

C. QFlow

D. NetFlow

An off-site source can connect to which component?

A. Flow collector

B. Event collector

C. Flow processor

D. Event processor

A customer has log files from Windows-based systems and wants to push those logs to the QRadar console.

What options should the customer use in WinCollect to collect and forward these logs?

A. File Forwarder

B. Flow Forwarder

C. Event Forwarder

D. Windows-based Event Log Forwarder

Which option will display the rule that triggered an offense from Offense Details screen?

A. Display > Rules

B. Display > Sources

C. Offenses tab > Rules

D. Display > Annotations

What is the system doing behind the scenes to return the results when searching the asset profile database for server types?

A. Hostname filter

B. IP address filter

C. Ports based filter

D. Mac address filter

Which offboard storage solution must only be used to mount the /store/backup file system?

A. FTP

B. NFS

C. iSCSI

D. Fibre Channel

What are the two support formats for exporting an Assets list from QRadar console? (Choose two.)

A. XML

B. RTF

C. PDF

D. CSV

E. HTML

How many days does QRadar keep record of Closed Offense by default?

A. 1 day

B. 5 days

C. 3 days

D. 7 days

Which statement is true with regard to auto discovery functionality?

A. All supported DSMs are auto discovered.

B. Only 50 Log Sources can be auto discovered.

C. Auto discovered log sources are assigned to a generic log source group.

D. QRadar license key defines the maximum number of log sources that can be auto discovered.