What right-click menu option can an analyst use to find information about an IP or URL?
A. IBM Advanced Threat lookup
B. Watson Advisor AI IOC Lookup
C. QRadar Anomaly lookup
D. X-Force Exchange Lookup
Answer: D
Explanation: To find information about an IP or URL within QRadar, analysts can...
Which two (2) aggregation types are available for the pie chart in the Pulse app?
A. Last
B. Total
C. Average
D. First
E. Middle
Answer: B, C
Explanation: For pie charts in the Pulse app of QRadar, the available aggregation types include "Total" and "Average." These aggregation types allow...
Which type of rule should you use to test events or flows for activities that are greater than or less than a specified range?
A. Behavioral rules
B. Anomaly rules
C. Custom rules
D. Threshold rules
Answer: D
Explanation: Threshold rules in QRadar are designed to test events or flows...
What QRadar application can help you ensure that IBM QRadar is optimally configured to detect threats accurately throughout the attack chain?
A. Rules Reviewer
B. Log Source Manager
C. QRadar Deployment Intelligence
D. Use Case Manager
Answer: D
Explanation: The IBM QRadar Use Case Manager application assists in tuning QRadar...
Which two (2) types of content extensions are supported by QRadar?
QRadar analysts can download different types of content extensions from the IBM X-Force Exchange portal. Which two (2) types of content extensions are supported by QRadar?
A. Custom Functions
B. Events
C. Flows
D. FGroup
E. Offenses
Answer: A, E
Explanation: QRadar supports different types of content extensions that can...
Which parameters are used to calculate the magnitude rating of an offense?
A. Relevance, credibility, time
B. Severity, relevance, credibility
C. Relevance, urgency, credibility
D. Severity, impact, urgency
Answer: B
Explanation: The magnitude rating of an offense in IBM Security QRadar SIEM V7.5 is calculated based on three key parameters:...
Which statement regarding saved event search criteria is true?
A. Saved search criteria expires
B. Saved search criteria does not expire
C. Saved search criteria cannot be reused
D. You cannot define the name of the saved search criteria
Answer: B
Explanation: In QRadar, when you save search criteria, especially...
How can adding indexed properties to QRadar improve the efficiency of searches?
A. By reducing the size of the data set required to find non-indexed search values
B. By increasing the size of the data set required to find non-indexed search values
C. By slowing down the search process
D. ...
Which two (2) factors are responsible for the different colors in the MITRE heat map?
The Use Case Manager app has an option to see the MITRE heat map. Which two (2) factors are responsible for the different colors in the MITRE heat map?
A. Number of offenses generated
B. Number of events associated to offense
C. Number of rules mapped
D. Level of mapping confidence
E. ...
What happens when you select "False Positive" from the right-click menu in the Log Activity tab?
A. You can tune out events that are known to be false positives.
B. You can investigate an IP address or a user name.
C. Items are filtered that match or do not match...