ExamTopics Logo
Mail Us[email protected]
Menu
Ibm Discussions
exam questions

Exam C2150-614 All Questions

View all questions & answers for the C2150-614 exam
Go to Exam

Exam C2150-614 topic 1 question 56 discussion

Actual exam question from IBM's C2150-614
Question #: 56
Topic #: 1
[All C2150-614 Questions]

A Deployment Professional is working on configuring a deployment of IBM Security QRadar SIEM V7.2.7 and needs to determine how to configure FP, EP, FC, and EC. The customer has multiple different domains.
How can these managed devices be used, segmented and assigned to various domains?

  • A. EC can be assigned to more than one domain, while FC can only be attached to a single domain.
  • B. FC can be assigned to more than one domain, while EC can only be attached to a single domain.
  • C. Both FC and EC can be assigned to a domain as a whole, while log sources and flow sources can be tagged to individual domains.
  • D. Both FC and EC can be assigned to a domain as a whole, thus making their respective log sources and flow sources attached to that same domain.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Domains are defined based on IBM Security QRadar input sources. When events and flows come into QRadar, the domain definitions are evaluated and the events and flows are tagged with the domain information.

Flow collectors -
You can assign specific QFlow collectors to a domain.
All flow sources that arrive at that flow collector belong to the domain; therefore, any new auto-detected flow sources are automatically added to the domain.

Event collectors -
If an event collector is dedicated to a specific network segment or IP address range, you can flag that entire event collector as part of that domain.
All log sources that arrive at that event collector belong to the domain; therefore, any new auto-detected log sources are automatically added to the domain.

Log sources -
You can configure specific log sources to belong to a domain.
This method of tagging domains is an option for deployments in which an event collector can receive events from multiple domains.

Flow sources -
You can designate specific flow sources to a domain.
This option is useful when a single QFlow collector is collecting flows from multiple network segments or routers that contain overlapping IP address ranges.
Note:
Flow Processor (FP)
Event Processor (EP)
Flow Collector (FC)
Event Collector (EC)
References:
http://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.qradar.doc/c_domain_defining.html
by zelesu at April 5, 2025, 9:25 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel