C1000-162無料問題集「IBM Security QRadar SIEM V7.5 Analysis」

質問 1

What is the default number of notifications that the System Notification dashboard can display?

（A）20 notifications

（B）10 notifications

（C）50 notifications

（D）5 notifications

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

Which statement regarding saved event search criteria is true?

（A）Saved search criteria does not expire

（B）You cannot define the name of the saved search criteria

（C）Saved search criteria cannot be reused

（D）Saved search criteria expires

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Which two (2) options are at the top level when an analyst right-clicks on the Source IP or Destination IP that is associated with an offense at the Offense Summary?

（A）WHOIS Lookup

（B）Information

（C）DNS Lookup

（D）Asset Summary page

（E）Navigate

正解：A、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which of these statements regarding the deletion of a generated content report is true?

（A）All reports that were generated from the report template as well as the report template are deleted.

（B）All reports that were generated from the report template are deleted, but the report template is retained.

（C）Only specific reports that were not generated from the report template are deleted, but the report template is retained.

（D）Only specific reports that were not generated from the report template as well as the report template are deleted.

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which two (2) values are valid for the Offense Type field when a search is performed in the My Offenses or All Offenses tabs?

（A）Any

（B）DDoS

（C）QID

（D）Risk Score

（E）Source IP

正解：A、E 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

To test for authorized access to a patent, create a list that uses a custom event property for Patent id as the key, and the username parameter as the value. Data is stored in records that map a key to multiple values and every key is unique. Use this list to populate a list of authorized users.
The example above refers to what kind of reference data collections?

（A）Reference map of sets

（B）Reference table

（C）Reference map of maps

（D）Reference map

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

Many offenses are generated and an analyst confirms that they match some kind of vulnerability scanning.
Which building block group needs to be updated to include the source IP of the vulnerability assessment (VA) scanner to reduce the number of offenses that are being generated?

（A）Behavior definition

（B）Device definition

（C）Host definitions

（D）Host reference

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

How does a Device Support Module (DSM) function?

（A）A DSM is a background service running on the QRadar appliance that reaches out to devices deployed in a network for configuration data.

（B）A DSM is a configuration file that parses received events from multiple log sources and converts them to a standard taxonomy format that can be displayed as outputs.

（C）A DSM is an installed appliance that parses received events from multiple log sources and converts them to a standard taxonomy format that can be displayed as outputs.

（D）A DSM is a configuration file that combines received events from multiple log sources and displays them as offenses in QRadar.

正解：C 解答を投票する

質問 9

Create a list that stores Username as the first key. Source IP as the second key with an assigned cidr data type, and Source Port as the value.
The example above refers to what kind of reference data collections?

（A）Reference map of sets

（B）Reference table

（C）Reference store

（D）Reference map

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

From which tabs can a QRadar custom rule be created?

（A）Offenses, Log Activity, or Network Activity tabs

（B）Offenses. Assets, or Log Action tabs

（C）Log Activity or Network Action tabs

（D）Offenses or Admin tabs

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

C1000-162 無料問題集「IBM Security QRadar SIEM V7.5 Analysis」

弊社を連絡する

関連リンク

トップ試験