Actualtests offers a free demo for the P2150-870 exam. "Technical Sales Foundations for IBM Security Intelligence and Analytics V1", also known as the P2150-870 exam, is an IBM certification. This set of posts, Passing the IBM P2150-870 exam, will help you answer those questions. The P2150-870 Questions & Answers cover all the knowledge points of the real exam. 100% real IBM P2150-870 exams, revised by experts!

Online P2150-870 free questions and answers of New Version:

NEW QUESTION 1
Organizations have too many vulnerabilities to remediate and need to focus on the ones that represent the highest risks.
Which question should the prospect be asked to start a conversation on this topic?

  • A. Do you currently use a vulnerability scanner?
  • B. Can you show me the server room to see the physical security measures?
  • C. Do you like the reports you get out of your current Vulnerability Assessment tool?
  • D. How do you currently patch vulnerabilities that are most likely to be exploited first?

Answer: A

NEW QUESTION 2
Which is a valid use case for implementing QRadar reference data collections?

  • A. Change all incoming events to add an additional field value.
  • B. Provide an index for all data (events and flow data) in real time.
  • C. Store hash values and test each incoming hash against this set.
  • D. Speed up dashboard functions due to caching common widget data sets.

Answer: C

NEW QUESTION 3
What do prospects typically care about for high level cyber use cases?

  • A. 1. Advanced Threats 2. Insider Threats 3. Securing the cloud 4. Critical Data Protection
  • B. 1. Best price for performance 2. Outside Threats 3. Patching ALL vulnerabilities found as soon as they are reported 4. Running a clean data center
  • C. 1. Having a proper time management system 2. Evacuation rule compliance 3. Making the sales target for the week 4. Speed of deployment and Time to value
  • D. 1. Having a good password change policy 2. Erasing documents which describe a recent data breach 3. Keeping up to date with Windows patch updates 4. Cleaning the BGP routing tables regularly

Answer: C

NEW QUESTION 4
What is the least secure of the five transmission types?

  • A. Wireless
  • B. Fiber Optic
  • C. Coaxial Cable
  • D. Shielded Twisted Pair
  • E. Unshielded Twisted Pair

Answer: C

NEW QUESTION 5
How does QRadar Advisor with Watson help security analysts investigate security incidents?

  • A. It analyzes flow data.
  • B. It analyzes and investigates an offense.
  • C. It scans systems for vulnerabilities.
  • D. It extracts packet data for security investigations.

Answer: D

NEW QUESTION 6
Where do reports get their data from?

  • A. Backups
  • B. Dashboards
  • C. Saved searches
  • D. Real-time event data

Answer: C

NEW QUESTION 7
What does QRadar Incident Forensics do? QRadar Incident Forensics:

  • A. analyzes event data for an incident that is discovered by QRadar SIEM.
  • B. analyzes flow data for an incident that is discovered by a QRadar SIEM.
  • C. brings in the vulnerability data relevant for an incident that is discovered by QRadar SIEM.
  • D. aggregates the relevant network data for an incident that is discovered by QRadar SIEM.

Answer: A

NEW QUESTION 8
Which is NOT an option for the deployment of the QRadar software?

  • A. Cloud
  • B. Virtual
  • C. Live CD/DVD
  • D. 3rd Party Appliance

Answer: A

NEW QUESTION 9
Which types of software appliance are involved if an event is received by an Event Collector, and the event is then sent to an Event Processor and causes an Offense to be updated on the Console?

  • A. 13xx to 17xx to 31xx
  • B. 13xx to 18xx to 21xx
  • C. 13xx to 16xx to 31xx
  • D. 15xx to 17xx to 21xx

Answer: C

NEW QUESTION 10
Which default Dashboard shows QRadar error messages?

  • A. Network Overview
  • B. System Monitoring
  • C. Application Overview
  • D. Threat and Security Monitoring

Answer: B

NEW QUESTION 11
Which IBM artificial intelligence service can be used to speed up analysis of external threats?

  • A. QRadar Incident Overview
  • B. QRadar Advisor with Watson
  • C. QRadar Machine Learning Analytics
  • D. QRadar Artificial Intelligence toolbox

Answer: D

NEW QUESTION 12
Which set of items will be checked by IBM before an App is published in the QRadar App Exchange?

  • A. * Review the App name, version and description. * Ensure there is a C&C channel to the App developer. * Run the App to see if it does anything useful. * Change the code so it will function in newer versions of QRadar.
  • B. * Create a Java version of the App. * Check for collisions between App page_scripts and QRadar functions. * Verify that the App does not log any information. * Change the code so it will function in newer versions of QRadar.
  • C. * Review all API calls. * Ensure that there are no hard-coded values. * Run static analysis on any Python and Javascript code. * Execute security tests.
  • D. * Automatically deploy/upgrade the App in all QRadar installations. * Review the screen-shots and icons in the App. * Minimize any App storage usage. * Verify the App will create a dashboard widget.

Answer: B

NEW QUESTION 13
In this diagram, showing the Ariel Search Flow, what is the name of the component marked as 'X', running on the Console?
[Exhibit: Ariel Search Flow diagram]

  • A. AQL Processor
  • B. Ariel Proxy Server
  • C. Ariel Query Server
  • D. REST-API endpoint

Answer: A

NEW QUESTION 14
Which subjects should be covered when first demonstrating QRadar?

  • A. 1. The devices QRadar supports. 2. How to write rules to detect spear-phishing attacks. 3. How much EPS QRadar can handle on a single box. 4. Why QRadar should be chosen.
  • B. 1. The QRadar add-on
  • C. and what problems they solve. 2. How QRadar add-ons work. 3. How to create a custom extracted property from a custom log source. 4. A use case involving different geographies, and its integration to a physical security system (badge reader).
  • D. 1. The problem QRadar solves. 2. How QRadar works (i.e., data integration, correlation and offenses). 3. Use cases that apply to the client's business. 4. QRadar's competitive advantages.
  • E. 1. The programming languages used to build QRadar. 2. The cost per EPS and FPM. 3. Building a use case in QRadar's rule wizard. 4. A POC so client can personally test the product.

Answer: A

NEW QUESTION 15
What are the systems called which send events to QRadar?

  • A. Assets
  • B. Firewalls
  • C. Log Sources
  • D. Data Backups

Answer: D

NEW QUESTION 16
What does QRadar Network Insight (QNI) create?

  • A. An Offense from Events.
  • B. A demilitarized zone from Apple Airport data.
  • C. OSI Layer 7 packet from OSI Layer 3 flow information.
  • D. IPFIX records with deep security content from SPAN or TAP port data.

Answer: C

NEW QUESTION 17
Which is the most common format used to send event data to a SIEM?

  • A. JSON
  • B. LEEF
  • C. Syslog
  • D. NetFlow

Answer: D

NEW QUESTION 18
What is a benefit of having QRadar on Cloud? IBM is responsible for:

  • A. generating new use cases.
  • B. alerting the user regarding offenses.
  • C. providing 24 hour
  • D. 7 days a week health monitoring and system management of the QRadar Deployment.
  • E. providing health monitoring and system management of the QRadar Deployment during normal business hours only.

Answer: D

NEW QUESTION 19
What is the unique benefit of moving to QRadar on Cloud? Customers can now:

  • A. reduce future capital expense.
  • B. take advantage of QRadar Apps.
  • C. build much larger QRadar deployments.
  • D. have access to additional device support modules.

Answer: B

NEW QUESTION 20
Which is standard on a QRadar on Cloud deployment?

  • A. High Availability
  • B. Packet analysis
  • C. Vulnerability Management
  • D. Custom log source development

Answer: B
