Which two formats can reports be generated in? (Choose two.)
A. JPEG image (JPG)
B. Comma Separated Values (CSV)
C. Microsoft Word Document (DOC)
D. Hypertext Markup Language (HTML)
E. Adobe Portable Document Format (PDF)
A QRadar administrator has created a custom rule to investigate a DoS attack on a network, using NetFlow data as well as events coming from a Check Point firewall.
Where should the tests be performed to detect this type of unusual activity?
A. Perform tests on offenses to detect unusual activity in your network
B. Perform tests on events and flows to detect unusual activity in your network
C. Perform tests on events, flows and offenses to detect unusual activity in your network
D. Perform tests on the events, flows, offenses and results of saved flow or event searches in your network
Which offboard storage solution must only be used to mount the /store/backup file system?
A. FTP
B. NFS
C. iSCSI
D. Fibre Channel
How do you view an offense that is associated with an event from the Log Activity tab?
A. Double click the event
B. Click the Offense icon next to the event
C. Right click the event, select View Offenses
D. Select the event, and select Offenses from the View list box
Which network monitoring port does Juniper Jflow require to be configured in QRadar?
A. Port 80
B. Port 443
C. Port 1080
D. Port 2055
Which two options are available for the Override parameter when an administrator views the Asset Profile Summary page? (Choose two.)
A. Forever
B. Until Next Scan
C. After Next Scan
D. Before Next Scan
E. After Specified Time
In which three ways can you create Log Sources? (Choose three.)
A. Bulkload
B. Manually
C. Automatically
D. Scripting
E. Autoupdate
F. QRadar Enterprise template
A flow is a sequence of packets that have which common characteristics?
A. Same source, MAC address, flow source and destination IP address
B. Same source IP address, flow source and transport layer port information
C. Same source and destination IP address and transport layer port information
D. Same destination IP address, source bytes and transport layer port information
Which appliance is used to collect, store, and process event and flow data in case of hardware and network failure?
A. Replicated appliance
B. Secondary appliance
C. High availability appliance
D. High accessibility appliance
Which scanners report vulnerabilities on all ports? (Choose two.)
A. Axis
B. NMap
C. Qualys
D. tcpdump
E. nCircle IP360
Certification exams are becoming more important, and more enterprises require them when you apply for a job. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only IBM exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your C2150-400 exam preparation and IBM certification application, do not hesitate to visit Vcedump.com to find your solutions.