ExamTopics Logo
Mail Us[email protected]
Menu
 

C2150-624 Actual Exam Questions

Last updated on Nov. 25, 2024.
Vendor:IBM
Exam Code:C2150-624
Exam Name:IBM Security QRadar SIEM V7.2.8 Fundamental Administration
Exam Questions:60
97% Passed the exam with this material
 

Topic 1 - Single Topic

Question #1 Topic 1

Administrators on versions of IBM Security QRadar SIEM older than V7.2.4 must use a specific upgrade path to transition to newer software versions. These requirements are outlined in what technical document?

  • A. Fix Level Recommendation Tool
  • B. IBM latest firmware release notes
  • C. QRadar Software upgrade progress technical note
  • D. IBM System Security Interoperation Center (SSIC)
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️
Most of the upgrades of IBM products are available in technical notes. IBM security Qradar SIEM upgrade process and information can be obtained through technical notes that IBM publishes on the web.

Reference -
http://www-01.ibm.com/support/docview.wss?uid=swg27038118

Question #2 Topic 1

What is a precaution an Administrator should take before beginning an upgrade of IBM Security QRadar SIEM V7.2.8?

  • A. Close all open offenses.
  • B. Purge old data and events.
  • C. Check and close all open messages.
  • D. Confirm that a backup of the data is complete.
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️
The first precaution listed in the IBM document states that the administrator should backup data before preparing for software upgrade. Backup of the current settings is important because if anything bad happens during the upgrade, you can always revert back to the original settings.

Reference -
http://www-01.ibm.com/support/docview.wss?uid=swg27048793

Question #3 Topic 1

After downloading the <QRadar_patchupdate>.sfs file from Fix Central, what is the next step to upgrade IBM Security QRadar SIEM V7.2.8?

  • A. Log in to the console as the Admin user-> Admin tab -> Advanced Menu -> Clean SIM Model.
  • B. Log in to the console as the Admin user-> Admin tab -> Advanced Menu -> Upgrade option.
  • C. Use SSH to log in to the system as the root user -> Run the patch installer with the following command: /media/updates/upgrade_qradar.
  • D. Use SSH to log in to the system as the root user -> Copy the patch file to the /tmp directory or to another location that has sufficient disk space.
Reveal Solution Hide Solution   Discussion  

Correct Answer: D 🗳️
✑ Download the fix pack to install QRadar 7.2.8 Patch 1 from the IBM Fix Central website: http://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%
2BSecurity&product=ibm/Other+software/IBM+Security+QRadar+SIEM&release=7.2.0&platform=Linux&function=fixId&fixids=7.2.8-QRADAR-QRSIEM-
20161118202122&includeRequisites=1&includeSupersedes=0&downloadMethod=http&source=fc
✑ Using SSH, log in to your system as the root user.
✑ Copy the fix pack to the /tmp directory on the QRadar Console. Note: If space in the /tmp directory is limited, copy the fix pack to another location that has sufficient space.
✑ To create the /media/updates directory, type the following command: mkdir -p /media/updates

Reference -
http://www-01.ibm.com/support/docview.wss?uid=swg27049111

Question #4 Topic 1

An Administrator working with IBM Security QRadar SIEM V7.2.8 needs to enable the PCI report template.
What is the procedure to accomplish this task?

  • A. Admin Tab -> Reports -> Templates -> Compliance -> PCI -> Select "Enable"
  • B. Report Tab -> Enable "Show all templates" -> Group List -> Compliance -> PCI
  • C. Reports Tab -> Clear "Hide Inactive Reports" box -> Group List -> Compliance -> PCI
  • D. Admin Tab -> Reports -> Templates -> Compliance -> PCI -> uncheck "Hide Template"
Reveal Solution Hide Solution   Discussion  

Correct Answer: C 🗳️
1. Click the Reports tab.
2. Clear the Hide Inactive Reports check box.
3. In the Group list, select Compliance > PCI. 4. Select all report templates on the list: a. Click the first report on the list. b. Select all report templates by holding down the Shift key, while you click the last report on the list.
5. In the Actions list, select Toggle Scheduling. 6. Access generated reports: a. From the list in the Generated Reports column, select the time stamp of the report that you want to view. b. In the Format column, click the icon for report format that you want to view.

Reference -
ftp://ftp.software.ibm.com/software/security/products/qradar/documents/7.2.8/en/b_qradar_gs_guide.pdf

file Viewing page 1 out of 15 pages.
Viewing questions 1-4 out of 60 questions
Next Questions
Browse atleast 50% to increase passing rate cup
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago