Test information:
Number of questions: 60
Time allowed in minutes: 120
Required passing score: 61%
Languages: English
Related certifications:
IBM Certified Administrator – Security QRadar Risk Manager V7.2.6
The test consists of 6 sections containing a total of approximately 60 multiple-choice questions. The percentages after each section title reflect the approximate distribution of the total question set across the sections.
Section 1 – Device configuration investigation (22%)
Identify assets in the network (i.e. device discovery).
Apply credential sets to the discovered devices.
Obtain device configuration.
Examine the asset information.
Examine scanning results (i.e. port, application, patch, etc.).
Apply specific searches (i.e. device rules, risk, vulnerabilities, etc.).
Examine connections (i.e. use, search/view, and export).
Section 2 – Device source management (22%)
Demonstrate the importing and management of devices (i.e. view, add, edit, delete, log sources, etc.)
Illustrate protocol configuration.
Create discovery schedules.
Demonstrate configurations of scans (i.e. port/app, configure windows, schedule scans, configure Linux.
Perform backup jobs (i.e. manage, add, edit, rename, delete, etc.).
Examine connections (i.e. use, search/view, and export).
Section 3 – Policy monitor (18%)
Use QRM questions to monitor policies (i.e. view, asset, compliance, device/rules, group, evaluation/result, export/import, auditing).
Illustrate policy management (i.e. create, manage, review, compliance, false positives).
Infer the Importance factor.
Demonstrate how to view and export connections (i.e. log sources, scanners).
Apply QRM Use Cases to a given scenarios.
Section 4 – Topology (13%)
Examine Topology layout.
Illustrate the function of groups within Topology.
Perform searches within Topology view (none, host, network, path).
Translate NAT within Topology.
Apply Topology to an investigation.
Use Topology graphs to determine traffic routes through network.
Section 5 – Vulnerability classification (15%)
Identify false positives.
Use simulations (edit, copy, assign, delete, monitor).
Modify simulations (revoke, group).
Perform Connections Investigations.
Examine vulnerability data using QRM (risk, criteria, information, types, exceptions, severity, impact, rules).
Section 6 – Reporting/scheduling (10%)
Construct various report types (vulnerability, log, asset, user, questions).
Modify report scheduling (create, edit, duplicate, share).
Construct and modify charts.
IBM Certified Administrator – Security QRadar Risk Manager V7.2.6
Job Role Description / Target Audience
This intermediate level certification is intended for administrators who works with IBM Security QRadar Risk Manager V7.2.6.
These administrators focus on managing security risks within their network and how those vulnerabilities can be exploited (or blocked) as a result of the current state of network assets using skills from the following areas:
1. Device configuration investigation
2. Device source management
3. Policy monitor
4. Topology
5. Vulnerability classification
6. Reporting/scheduling
These users are generally self-sufficient and able to perform most of the tasks involved in the job role with limited assistance.
To attain the IBM Certified Administrator – Security QRadar Risk Manager V7.2.6 certification, candidates must pass 1 test. To prepare for the test, it is recommended to refer to the job role description and recommended prerequisite skills, and click the link to the test below to refer to the test objectives and the Test preparation tab.
Recommended Prerequisite Skills
Working knowledge of:
IBM Security QRadar SIEM Administration
IBM Security QRadar Risk Manager
General knowledge of:
Networking
Risk management
System Administration
Network Topology
Requirements
This certification requires 1 test(s).
Click here to view complete Q&A of C2150-616 exam
Certkingdom Review, Certkingdom PDF Torrents
Best IBM C2150-616 Certification, IBM C2150-616 Training at certkingdom.com