When using the Dynamic Search window on the Admin tab, which two (2) data sources are available?

A. ASSETS
B. PAYLOAD
C. OFFENSES
D. AQL QUERY
E. SAVED SEARCHES

Answer: AC

Explanation: In the Dynamic Search window on the Admin tab of QRadar, the available data sources include "Assets" and...
Reports can be generated by using which file formats in QRadar?

A. PDF, HTML, XML, XLS
B. JPG, GIF, BMP, TIF
C. TXT, PNG, DOC, XML
D. CSV, XLSX, DOCX, PDF

Answer: A

Explanation: QRadar supports generating reports in various file formats, including PDF, HTML, XML, and XLS. These formats...
On the Offenses tab, which column explains the cause of the offense?

A. Description
B. Offense Type
C. Magnitude
D. IPs

Answer: B

Explanation: On the Offenses tab within QRadar, the "Offense Type" column explains the cause of the offense. The offense type is determined by the rule that triggered...
What type of custom property should be used when an analyst wants to combine extraction-based URLs, virus names, and secondary user names into a single property?

A. AQL-based property
B. Absolution-based property
C. Extraction-based property
D. Calculation-based property

Answer: A

Explanation: When an analyst wants to combine multiple extraction and...
What feature in QRadar uses existing asset profile data so administrators can define unknown server types and assign them to a server definition in building blocks and in the network hierarchy?

A. Server roles
B. Active servers
C. Server discovery
D. Server profiles

Answer: C

Explanation: In IBM Security QRadar...
Create a list that stores Username as the first key, Source IP as the second key with an assigned cidr data type, and Source Port as the value.

The example above refers to what kind of reference data collections?

A. Reference map of sets
B. Reference store
C. Reference table
D...
What two (2) guidelines should you follow when you define your network hierarchy?

A. Do not configure a network group with more than 15 objects.
B. Organize your systems and networks by role or similar traffic patterns.
C. Use the autoupdates feature to automatically populate the network hierarchy.
D. Import...
In QRadar, what do event rules test against?

A. The parameters of an offense to trigger more responses
B. Incoming log source data that is processed in real time by the QRadar Event Processor
C. Incoming flow data that is processed by the QRadar Flow Processor
D. Event and flow...
Offense chaining is based on which field that is specified in the rule?

A. Rule action field
B. Offense response field
C. Rule response field
D. Offense index field

Answer: D

Explanation: Offense chaining in IBM Security QRadar SIEM V7.5 is based on the offense index field specified in the...
How can an analyst search for all events that include the keyword "access"?

A. Go to the Network Activity tab and run a quick search with the "access" keyword.
B. Go to the Log Activity tab and run a quick search with the "access" keyword.
C. Go to the Offenses...