Which function allows a custom event property to be removed from a selected event?
A. Anomaly
B. Map Event
C. False Positive
D. Extract Property
Which two authentication methods for the QRadar User Interface are valid? (Choose two.)
A. SecureID
B. Digital Signatures
C. Password Authentication Protocol (PAP)
D. Remote Authentication Dial In User Service (RADIUS)
E. Terminal Access Controller Access-Control System (TACACS)
Which directory from the QRadar host can be moved to offboard storage?
A. /var
B. /store
C. /home
D. /media
You have been asked to forward all event logs from QRadar to another central syslog server with the IP of 172.16.77.133. You also want the events to be processed by the CRE, but not stored on the system.
What will allow you to do this process?
A. Add a Routing Rule that, under Current Filters "Matches All Incoming Events", under Routing Options, add a Forwarding destination for 172.16.77.133 with the "Raw Event" format. Then select the 'Forward' and 'Drop' options. Save and deploy.
B. Add a Routing Rule that, under Current Filters "Matches All Incoming Events", under Routing Options, add a Forwarding destination for 172.16.77.133 with the "Normalized Event" format. Then select the 'Forward' and 'Drop' options. Save and deploy.
C. Add a forwarding Destination for 172.16.77.133 with the "Raw Event" format. Then add a Routing Rule that, under Current Filters "Matches All Incoming Events", under Routing Options, select the Forward destination that matches the destination you created. Then select the 'Forward' and 'Drop' options. Save and deploy.
D. Add a forwarding Destination for 172.16.77.133 with the "Normalized Event" format. Then add a Routing Rule that, under Current Filters "Matches All Incoming Events", under Routing Options, select the Forward destination that matches the destination you created. Then select the 'Forward' and 'Drop' options. Save and deploy.
A customer has log files from Windows-based systems and wants to push those logs to the QRadar console.
What options should the customer use in WinCollect to collect and forward these logs?
A. File Forwarder
B. Flow Forwarder
C. Event Forwarder
D. Windows-based Event Log Forwarder
What is the minimum bandwidth needed between the primary and secondary HA host?
A. 1 gigabits per second (Gbps)
B. 2 gigabits per second (Gbps)
C. 3 gigabits per second (Gbps)
D. 4 gigabits per second (Gbps)
Which configuration window defines the maximum number of TCP syslog connections?
A. Log Sources
B. System Setting
C. Console Setting
D. Deployment Editor
A user of QRadar wishes to have a report showing the number of bytes per packet they see with their flows. The user decides to create a Custom Flow Property for this application.
Which type of custom property is required for this to be accomplished?
A. Regex Custom Property
B. Advanced Custom Property
C. Computation Custom Property
D. Calculation Based Custom Property
Which attribute is valid when defining the user roles to provide the necessary access?
A. Admin: System Administrator
B. Log Activity: View Custom Rules
C. Log Activity: Manage Time Series
D. Network Activity: Maintain custom Rules
Which two fields are required to be filled out when adding a new network to the network hierarchy? (Choose two.)
A. Weight
B. IP and CIDR
C. Capture Filter
D. Flow Source Interface
E. Flow Retention Length
Nowadays, certification exams are becoming more and more important and are required by more and more enterprises when applying for a job. But how do you prepare for the exam effectively? How do you prepare for the exam in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only IBM exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your C2150-400 exam preparation and IBM certification application, do not hesitate to visit Vcedump.com to find your solutions.