Question 1

What is the name of the data collection set used in QRadar that can be populated with lOCs or other external data?

Options :

A : Index set

B : Reference set

C : IOC set

D : Data set

Answer: B

Question 2

Which parameters are used to calculate the magnitude rating of an offense?

Options :

A : Relevance, credibility, time

B : Severity, relevance, credibility

C : Relevance, urgency, credibility

D : Severity, impact, urgency

Answer: B

Question 3

A QRadar analyst develops an advanced search on the Log Activity tab and presses the shortcut "Ctrl + Space" in the search field. What information is displayed?

Options :

A : The full list of AQL databases, functions and fields (properties) is displayed.

B : The full list of AQL tables and relationships from a database is displayed.

C : The full list of AOL functions, fields (properties), and keywords is displayed.

D : The full list of AQL functions, tables, and views from a database is displayed.

Answer: A

Question 4

A Security Analyst has noticed that an offense has been marked inactive. How long had the offense been open since it had last been updated with new events or flows?

Options :

A : 1 day + 30 minutes

B : 5 days + 30 minutes

C : 10 days + 30 minutes

D : 30 days + 30 minutes

Answer: B

Question 5

What is the primary use of viewing the Magnitude metric on the Offenses tab?

Options :

A : Determine which events to investigate last.

B : Determine the credibility rating that is configured in the log source.

C : Understand the type of offense we are facing.

D : Identify the importance of the offense in your environment.

Answer: D

Higher Test Marks with Free Online C1000-162 Exam Practice

Buying Options: