C2150-200 Number: C2150-200 Passing Score: 800 Time Limit: 120 min File Version: 5.0 http://www.gratisexam.com/ IBM C2150-200 Questions & Answers IBM Security Systems SiteProtector V3.0 - Implementation Version: 5.0 IBM C2150-200 Exam
Exam A QUESTION 1 What is the recommended Unresponsive Agent group threshold for a large deployment in minutes? A. 120 B. 240 C. 360 D. 480 : https://www- 304.ibm.com/support/knowledgecenter/SSETBF_2.9.0/com.ibm.siteprotector.doc/concepts/sp_lar ge_deployment_scalabilityguidelines.htm QUESTION 2 Which three installation types are supported for SiteProtector 3.0? (Choose three.) A. Express B. Manual install C. Quick Wizard D. Recommended E. SP3001 Appliance F. SiteProtector Setup DE : QUESTION 3 Which script is run to configure Event Collector failover (EC)? A. ECJob.sql B. ECJob.bat C. CreateSP.sql D. CreateSP.bat : 01.ibm.com/support/knowledgecenter/SSETBF_2.9.0/com.ibm.siteprotector.doc/pdfs/SP_29_Conf iguration_guide.pdf QUESTION 4
Which two versions of Windows server can be used for IBM SiteProtector 3.0 installation? (Choose two.) http://www.gratisexam.com/ A. Windows Server 2000 B. Windows Server 2008 Enterprise C. Windows Server 2003 Enterprise D. Windows Server 2008 R2 Enterprise E. Windows Server 2008 Enterprise 64-bit Correct Answer: AC : QUESTION 5 Which two actions need to be completed before you begin to update the IBM SiteProtector 3.0 Core components? (Choose two.) A. All local consoles must be closed B. Have permission to log in to the Application Server C. Supply credentials for account access tothe SQL Server Database D. Have administrative permissions to log in to the SiteProtector Console E. Supply credentials for administrative account access to the SQL Server Database D : 01.ibm.com/support/knowledgecenter/SSETBF_2.9.0/com.ibm.siteprotector.doc/pdfs/SP_29_Conf iguration_guide.pdf QUESTION 6 Which type of install should be used for a customer that has over 1.9 million events per day? A. Manual install B. Express install C. Minimum deployment install D. Maximum deployment install
QUESTION 7 What are the default emergency purge settings for a SiteProtector database? A. 85% Threshold / 5% Purge Margin B. 75% Threshold / 10% Purge Margin C. 65% Threshold / 15% Purge Margin D. 55% Threshold / 20% Purge Margin Correct Answer: A : 01.ibm.com/support/knowledgecenter/SSETBF_3.1.0/com.ibm.siteprotector.doc/administering/sp_ t_setting_how_long_database_entries_are_retained.htm QUESTION 8 Which three Response Objects can be configured in IBM SiteProtector 3.0? (Choose three.) A. Email B. Warning C. Log Evidence D. User Specified E. Server Notification F. Administrator Specified Correct Answer: ACF : QUESTION 9 Which solution does IBM SiteProtector 3.0 supply for disaster recovery? A. SecureSync B. IBM SiteProtector DR C. Dual instance installation D. Clustered SQL database : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Insta llation_guide.pdf QUESTION 10 Which statement is true about modifying and controlling policy permissions in the IBM SiteProtector 3.0 System?
A. Policy permissions must be set at the global level. B. Policy permissions must be set for the groupthat contains the role they reside in. C. Policy permissions must be set for the group that contains the repository they reside in. D. Policy permissions must be set for the group that contains the domain group they reside in. : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Polic ies_and_responses_configuration_guide.pdf QUESTION 11 What is the purpose of the host configuration option in the IBM SiteProtector Security Fusion Policy? A. To define the IP addressesthat Fusion license is used for B. To define the multiple IP addresses that are assigned to single physical server C. To define whatipaddresses areassigned to what vulnerability agent (scanner) D. To define what IP addresses are assigned to what network protection (IPS) agent : QUESTION 12 Which function does Security Fusion Module have? A. It merges similar security events. B. It provides for event collector stacking. C. It is used for high availability SiteProtector requirements. D. It compares attack information with vulnerability information. : 01.ibm.com/support/knowledgecenter/SSETBF_3.1.1/com.ibm.siteprotector.doc/security/sp_c_sec urity_fusionmodule_setupprocess_securityfusionmoduleguide.htm QUESTION 13 Which file must be modified to customize the location of Event Archiver log files by modifying the directory structure? A. EventArchiver.java B. EventArchiver.conf C. EventArchiver.log4j
D. EventArchiver.policy : 01.ibm.com/support/knowledgecenter/SSETBF_3.1.0/com.ibm.siteprotector.doc/tasks/sp_modifyin g_the_event_archiver_directory_structure_spconfigguide.htm QUESTION 14 Which authentication mechanism can be used by SQL server cluster? A. Form Authentication B. LDAP Authentication C. Simple Authentication D. Windows Authentication : QUESTION 15 Which configuration file controls the size of the ADF file? A. ec.policy B. adf.policy C. adf.properties D. common.policy : QUESTION 16 Which two integrations are available between SiteProtector 3.0 and QRadar products? (Choose two.) A. SiteProtector 3.0 can send Events to QRadar SEIM. B. SiteProtector 3.0 can send IPFix flow information to toqradar SEIM. C. QRadar SEIM can send firewall events to SiteProtector 3.0 for Fusion Correlation. D. QRadar Vulnerability Manager can send vulnerability scan information to SiteProtector 3.0 for Fusion Correlation. E. SiteProtector 3.0 can import scheduled IPS reports from QRadar SEIM for viewing within the SiteProtector 3.0 Reports Tab. D
QUESTION 17 When setting up SSL encryption on an Event Collector installed on a 64 bit OS, what is the path to DSN that you need to modify? A. c:\windows\odbcad32.exe B. %systemroot%\system32\odbcad32.exe C. Control panel > administrative tools > data sources D. Control panel > administrative tools > component services : QUESTION 18 Which step is required to reindex the RealSecureDB database? http://www.gratisexam.com/ A. Disable database backup policy B. Stop the SQL Server Browser Service C. Verify that issdaemon service is running on all servers D. Stop the SiteProtector Application, Sensor Controller, and Web Server services : 01.ibm.com/support/docview.wss?uid=swg21437244 QUESTION 19 Which tool is recommended for a customer, who wants to retain old event data from the system? A. Event Archiver B. Event Backup Tool C. Security Event Archive Tool D. SiteProtector Storage Server :
01.ibm.com/support/docview.wss?uid=swg21435332 QUESTION 20 Which information is required to install the Event Archiver? A. Host name or IP address of Agent Manager and of Event Collector. Optionally, Port to communicate to the SQL Database. B. Host name or IP address of XPU Server and SiteProtector group name. Optionally, X-Press Update Server security mode. C. Host name or IP of Event Collector and Port to communicate to Agent Manager. Optionally, IP address or DNS of the firewall or proxy server. D. Host name or IP address of Agent Manager and ofapplication Server. Optionally, user name and password for the Agent Manager and the SiteProtector group name. : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Insta llation_guide.pdf QUESTION 21 What action has to be taken to preserve polices configured on an agent? A. Register the agent as stand-alone. B. Register the agent in Locally Configured Group. C. Register the agent under Unmanaged Asset group. D. Export policies from the agent, register the agent in SiteProtector, and then import them into SiteProtector : QUESTION 22 In which two situations would a multiple-site deployment be considered? (Choose two.) A. When your site consists of two data centers B. When your configuration is distributed over a large geographic area C. When the standby data center is 1000 meter away from the primary D. When the number of active agents for the site is greater than 50,000 E. When the sizing criteria exceed the numbers specified for a large deployment C : QUESTION 23 Which log file has to be verified if the SiteProtector database failed to install?
A. RS_Install_log.txt B. ISS_RS_Install.log C. RealSecure_Setup.log D. Site_Database_Setup_Log.txt Correct Answer: A : 01.ibm.com/support/docview.wss?uid=swg21437244 QUESTION 24 A customer has two data centers on separate continents however the event load fits within a single site install. Which design is recommended for this environment? A. Manage disperse agents using the LMI B. Install a single IBM SiteProtector 3.0 at its main site C. Deploy a separate IBM SiteProtector 3.0 instance on each continent D. Deploy an agent manager/event collector and express update server on each continent : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Insta llation_guide.pdf QUESTION 25 Which two options are available when registering legacy components? (Choose two.) A. Locally Register Agent B. Manually Register Agent C. Remotely Register Agent D. Physically Register Agent E. Automatically Register Agent C : QUESTION 26 Which other IBM SiteProtector 3.0 core component should be checked to make sure it is running when an Agent Manager is reporting offline in its status field in the IBM Security Systems 3.0 Console Agent View? A. Agent Manager
B. Event Collector C. SiteProtector core D. X-Press Update Server : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Insta llation_guide.pdf QUESTION 27 Which two license types can be used with SiteProtector agents? (Choose two.) A. Module License B. One Trust License C. Linux Server License D. Trusted Server License E. Remedy Server License Correct Answer: AC : QUESTION 28 What is the correct order of steps in the IBM SiteProtector 3.0 Console to reach Event Collector properties to review current settings? A. Access Agent View > Right-click the component > Click Properties > Click the Agent Properties icon B. Access Agent View > Select Agent type: EventCollector and Agent Version: 3.0 > Right-click the Event Collector Policy > Click Open C. Access Agent View > Right-click the component > Click Properties > Click the Agent Properties icon > Click the Edit Agent Properties D. Access Agent View > Select Agent type: EventCollector and Agent Version: 3.0 > Right-click the Event Collector Policy > Click Open Latest Version : 03.ibm.com/certify/tests/objC2150-533.shtml QUESTION 29 Which agent is managed by IBM SiteProtector? A. IBM Security AppScan B. IBM Security Access Manager C. IBM Security Server Protection D. IBM Security QRadar Vulnerability Manager
: ftp://public.dhe.ibm.com/software/security/products/qradar/documents/7.2.1/qvm/en/b_qvm_ug.p df QUESTION 30 Which statement is true about deleting a saved report template in IBM SiteProtector? A. Deleting a saved report template deletes the saved template only. B. Deleting a saved report template deletes the saved report related to the template. C. Deleting a saved report template deletes the saved schedule related to the template. D. Deleting a saved report template deletes the saved report and schedule related to the template. : QUESTION 31 Which policy is used to the configure the amount of time events are kept? A. Advanced Purge B. Event Archive Settings C. Data Retention Settings D. Maximum Database Sites QUESTION 32 What is a small site installation of all SiteProtector components on a single computer called? A. Express install B. Standard install C. SQL Cluster install D. Simple deployment : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Insta llation_guide.pdf
QUESTION 33 Which two modifications can the Impact Analysis component make to a security event that failed in IBM SiteProtector 3.0 Security Fusion Module? (Choose two.) A. Block the event B. Change the priority of the event to Low C. Change the priority of the event to High D. Increase the severity of the event to one level E. Decrease the severity of the event to one level E QUESTION 34 Which required network port must be open on the Agent Manager allowing the Event Collector to establish a data communication path? http://www.gratisexam.com/ A. 443 B. 902 C. 914 D. 3995 : QUESTION 35 What is the default frequency of IBM SiteProtector 3.0 for Checking IBM Security website for a new catalog? A. 24 hrs B. 48 hrs C. 72 hrs D. Weekly Correct Answer: A :
01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Conf iguration_guide.pdf QUESTION 36 Which criteria should be used to control the type of events you archive and help you divide the work of archiving events among multiple Event Archives? A. Event Type B. Event Rules C. Event Filters D. Event Configuration : QUESTION 37 Which settings control the frequency at which agents will be marked offline if they have not sent a recent heartbeat? A. The Heartbeat Interval in the agent's policy B. The Heartbeat Interval in the Group Settings policy C. The Unresponsive Agent Thresholdin the agent's policy D. The Unresponsive Agent Threshold in the agroup Settings policy : QUESTION 38 What is the maximum rate of events per day for a small deployment of SiteProtector? A. 500,000 events per day B. 1,000,000 events per day C. 1,250,000 events per day D. 1,500,000 events per day : QUESTION 39 What happens with an event if it is marked with the Cleared Flag check box? A. The event is reset. B. The event is marked for purge. C. The event is not reported by any agent. D. The event is removed from database. Correct Answer: A
: QUESTION 40 How many computers are needed to setup a minimum deployment of SiteProtector? A. One computer B. Two computers C. Three computers D. Four computers : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP_30_Insta llation_guide.pdf QUESTION 41 What is the likely cause when the Application Server service fails to start? A. The Create Tables function failed. B. The cache of the Application Server is full. C. The Application Server password is incorrect. D. In the IIS manager, the office server web services is running on the wrong SSL port (433). : QUESTION 42 Which third-party license is needed to be used with SiteProtector 3.0? A. IBM DB2 License B. RedHat Linux License C. MS SQLServer License D. Postgres Database License Correct Answer: A : QUESTION 43 What should you do if you are unable to launch your SiteProtectorConsole as user or super user? A. Update Java
B. Disable Windows Firewall C. Assign the required administrator permission D. Assign the proper permissions in the Windows Registry : 01.ibm.com/support/docview.wss?uid=swg21436848 QUESTION 44 Which policy file keeps the Event Collector agent properties configuration data? A. EC.policy B. sscsf.policy C. Current.policy D. Common.policy : 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/sp_policies_r esponses_guide20sp81.pdf QUESTION 45 What is the most likely cause of the "Update file upload canceled at user request" error when trying to download update files? A. An improperly configured dbconfig.xml B. SiteProtector does not have a valid license. C. The ODBC timeout value for the specific query you are running D. This error gets thrown from Crystal Reports with too short of a time out value. : 01.ibm.com/support/docview.wss?uid=swg21644749 QUESTION 46 Which two scenarios of IBM SiteProtector 3.0 deployment are valid? (Choose two.) A. Maximum deployment B. Minimum deployment on one computer C. Large scale deployment on two computers D. Medium scale deployment on two computers
E. Large network deployment on four to five computers D : QUESTION 47 What is the name format for creating a new agent group policy repository? A. <Agent name> Repository B. <Group Name> Repository C. <Policy name> Repository D. <Agent name> Policy Repository QUESTION 48 During planning the initial installation of SiteProtector Express, a customer has stated a need to retain 90 days of online event storage. What is the recommended amount of disk space that should be assigned to the database? A. 40 GB http://www.gratisexam.com/ B. 67 GB C. 79 GB D. 87 GB Correct Answer: A : QUESTION 49 Which information is included on the Notifications screen accessed by clicking the exclamation point on the bottom right of any screen in SiteProtector? A. Analysis view of all high severity events B. List of central responses that have been triggered C. Messages for significant SiteProtector Component health statuses D. Tickets that are currently unassigned or assigned to a current user
: 01.ibm.com/support/knowledgecenter/SSETBF_3.0.0/com.ibm.siteprotector.doc/pdfs/SP3001_Har dware_configuration_guide_sp_30.pdf QUESTION 50 What does the color black that appears next to a top level Permission property window in the IBM SiteProtector indicate? A. Permission inheritance is turned on for this asset group. B. All the individual permissions in that category areassigned to a user or group. C. None of the individual permissions in that category are assigned to the user or group. D. Some of the individual permissions in that category are assigned to the user or group, but not all. QUESTION 51 Which licenses are supported by SiteProtector? (Choose two.) A. One Trust licensing B. IBM Rational licensing C. Agent/module licensing D. Passport Advantage licensing E. SiteProtector Fusion licensing D : QUESTION 52 Where is the option to increase the default number of rows to display in the Analysis view? A. Tools > Options > Asset B. Tools > Options > Analysis C. Tools > Options > General > Tables D. Tools > Ticketing Setup > Notification tab : QUESTION 53 Which statement is true about Ticket priority in the IBM SiteProtector System?
A. Ticket priority depends on the severity of the issues. B. Ticket priority depends on the access involved in the ticket. C. Ticket priority depends on the time allocated to resolve the ticket. D. Ticket priority is automatically set by the IBM SiteProtector System. http://www.gratisexam.com/