Started on Tuesday, March 19, 2024, 8:33 AM

State Finished
Completed on Tuesday, March 19, 2024, 9:07 AM
Time taken 33 mins 30 secs
Grade 19.00 out of 25.00 (76%)
Feedback A minimum of 19 correct answers is required to pass. Congratulations, you passed the IBM Security Cloud Pak for Security Level 2 Quiz.

Question 1

Correct

1.00 points out of 1.00

What are the four key domains in the IBM Security "Shield"?

Identities, Malware, Endpoints, Cloud

Manage, Model, Advise, Protect

Manage, Modernize, Improve, Collaborate

Align, Protect, Manage, Modernize 

Question 2

Correct

1.00 points out of 1.00

What is the name of the Endpoint Detection and Response (EDR) product that IBM announced its intent to acquire in November 2021?

Cybereason

CrowdStrike

Bitdefender

ReaQta 

Question 3

Correct

1.00 points out of 1.00

What does XDR stand for?

Extended Doughnut Recipes

Extended Data Recovery

Extended Detection and Response 

Endpoint Detection and Response

Question 4

Incorrect

0.00 points out of 1.00

What does "Federated Searching" allow security analysts to do?

Ingest data in a platform like Cloud Pak for Security, speeding searches 

View all critical security data without moving it

Conduct a rapid parallel search across multiple data lakes

Query federal government-related data


Question 5

Correct

1.00 points out of 1.00

In the Toyota Financial Services (TFS) win story, what was a key
reason that TFS picked Cloud Pak for Security and QRadar
SIEM?

They did not view Splunk as a real SIEM

They were forced to move SIEM platforms because ArcSight is no longer an option

IBM Security has much better T-shirts

They did not like Splunk's pricing model 

Question 6

Correct

1.00 points out of 1.00

You are creating a quote that includes Cloud Pak for Security,
Guardium Insights and Threat Intelligence Insights. What is the
primary licensing and packaging mechanism to use in your
quote?

Resource Unit (RU) 

Managed Virtual Server (MVS)

Authorized User (AU)

Virtual Processor Core (VPC)


Question 7

Incorrect

0.00 points out of 1.00

What are the key advantages of Threat Intelligence Insights "Am I Affected" report?

Determines the potential business impact of threat indicators 

Automatically scans for threats and opens cases

Determines which Security Operations Center analysts should be involved in a case

Calculates the number of victims affected by a data breach

Question 8

Correct

1.00 points out of 1.00

Which component of QRadar XDR Connect can automatically investigate cases and recommend remediation, saving valuable analyst time?

Threat investigator 

Cloud Pak for Security Data Explorer

Threat Intelligence Insights

QRadar SIEM

Question 9

Incorrect

0.00 points out of 1.00

A prospective client is concerned about vendor lock-in if they purchase Cloud Pak for Security. Which key data integration technology, created by IBM and released to open-source, would help alleviate their concerns?

STIX-Shifter

OS/2

Kestrel 

STIX

Question 10

Correct

1.00 points out of 1.00

You have a meeting with a security team to discuss Cloud Pak for Security and QRadar SIEM. One of the team members, who is a friendly acquaintance, lets you know that they are a big Splunk shop. What tactic would you recommend for approaching this customer?

Cancel the meeting as there is no opportunity for CP4S in Splunk shops

Position QRadar SIEM and CP4S as a lower cost replacement for Splunk

Position CP4S as a value-added solution that augments what Splunk can do 

Tell them that Splunk is going out of business and they should move to IBM

Question 11

Correct

1.00 points out of 1.00

What is Kestrel?

Machine Learning model

Open integration standard

Threat hunting language 

Close relative to the pigeon

Question 12

Incorrect

0.00 points out of 1.00

Threat Investigator can display an attack timeline view. What are the main advantages of this view?

Leverages Watson to show what happened, in what order 

Sequences the threat, providing a clear and concise view

Automatically enriches SOAR cases with real-world artifacts

Provides a complete forensic view of an attack from start to finish

Question 13

Correct

1.00 points out of 1.00

What is the name of the Seismic site that contains IBM Security
sales demonstration assets?

Demonstrativa

Demo Central 

IBM Demo Repository (IDR)

Demos R Us

Question 14

Correct

1.00 points out of 1.00

Approximately how many organizations have deployed Zero Trust according to the 2021 Ponemon Cost of a Data Breach Report?

Half

Two thirds

Three quarters

One third 

Question 15

Correct

1.00 points out of 1.00

Which IBM-created technology allows threat hunters to focus on what to hunt, not how to hunt?

Kestrel 

Ariel

TAXII

STIX

Question 16

Correct

1.00 points out of 1.00

A Splunk client is interested in potentially deploying Cloud Pak for Security to help mitigate costs. How much, on average, will leaving data "at rest" save, versus ingesting it into Splunk?

20% 

53%

15%

38%

Question 17

Incorrect

0.00 points out of 1.00

A client asks you for a recommendation on ways to improve their UBA (User Behavioral Analytics) intelligence by adding cloud database security data. Which solution would you suggest?

Imperva

Guardium Insights

QRadar SIEM 

Threat Investigator

Question 18

Correct

1.00 points out of 1.00

A client is impressed with the capabilities of IBM Watson, and asks you which components of QRadar XDR Connect use it. How do you respond?

Watson for Cybersecurity

Threat Intelligence Insights

Threat Investigator 

QRadar Advisor with Watson


Question 19

Correct

1.00 points out of 1.00

During a client presentation, the organization's CISO stops you and asks which IBM security products are included in QRadar XDR Connect. What do you tell them?

QRadar SOAR, Threat Investigator, Cloud Pak for Security DE

Cloud Pak for Security DE, Threat Intelligence Insights, Threat Investigator 

Threat Intelligence Insights, X-Force IRIS, Cloud Pak for Security

QRadar SIEM, QRadar SOAR, Cloud Pak for Security DE

Question 20

Correct

1.00 points out of 1.00

On average, how much money did mature Zero Trust organizations save when breached, when compared with those that had not deployed Zero Trust?

$5.04 million

$4.71 million

$3.28 million

$1.76 million 

Question 21

Correct

1.00 points out of 1.00

What are the four primary Cloud Pak for Security use cases?

Visibility, Detection, Investigation, Response 

Manage, Modernize, Improve, Collaborate

Discover, Visualize, Detect, Action

Insights, Threats, Remediation, Response

Question 22

Incorrect

0.00 points out of 1.00

Gartner defines Security Orchestration, Automation, and Response (SOAR) as a combination of which three key technologies?

Security Information Event Management, Security Orchestration and Automation, and Security Incident Response Platforms

Threat Intelligence Insights, Security Orchestration and Automation, Security Incident Response Platforms

Security Incident Response Platforms, Threat Intelligence Platforms, Security Orchestration and Response 

Security Orchestration and Automation, Security Incident Response Platforms, and Threat Intelligence Platforms

Question 23

Correct

1.00 points out of 1.00

Which IBM Security product provides a data security hub from Guardium Data Protection that can also be streamed directly from Cloud sources?

Guardium ETL

Guardium Insights 

QRadar SIEM

Guardium Data Pump

Question 24

Correct

1.00 points out of 1.00

A prospective client is struggling with meeting privacy breach notification requirements imposed by their local governments. Which IBM Security product would help them satisfy this use case?

QRadar SOAR 

Guardium Insights

QRadar SIEM

Threat Intelligence Insights


Question 25

Correct

1.00 points out of 1.00

In 2020, what percentage of cybersecurity incidents originated in the cloud?

73%

65%

80%

90% 
