C1000-162 Exam Training Practice Tests (IBM Security QRadar SIEM V7.5 Analysis)]

Question 1

What is the primary use of viewing the Magnitude metric on the Offenses tab?

A. Determine the credibility rating that is configured in the log source. B. Determine which events to investigate last. C. Identify the importance of the offense in your environment. D. Understand the type of offense we are facing.

Correct Answer: C

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 2

The Pulse app contains which two (2) widget chart types?

A. Binary chart B. Scatter chart C. Big number chart D. Hexadecimal chart E. Small number chart

Correct Answer: B,C

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 3

Which parameters are used to calculate the magnitude rating of an offense?

A. Severity, relevance, credibility B. Relevance, credibility, time C. Relevance, urgency, credibility D. Severity, impact, urgency

Correct Answer: A

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 4

What is the default number of notifications that the System Notification dashboard can display?

A. 10 notifications B. 50 notifications C. 5 notifications D. 20 notifications

Correct Answer: A

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 5

Which two (2) components are necessary for generating a report using the QRadar Report wizard?

A. Email address B. Layout C. Dynamic search D. Quick search E. Saved search

Correct Answer: B,E

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 6

A Security Analyst was asked to search for an offense on a specific day. The requester was not sore of the time frame, but had Source Host information to use as well as networks involved, Destination IP and username.
Which fitters can the Security Analyst use to search for the information requested?

A. Specific Interval, Username, Destination IP B. Description, Destination IP. Host Name C. Offense ID, Source IP, Username D. Magnitude, Source IP, Destination IP

Correct Answer: A

Question 7

How long does QRadar store payload indexes by default?

A. 7 days B. 30 days C. 90 days D. 14 days

Correct Answer: B

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 8

Create a list that stores Username as the first key. Source IP as the second key with an assigned cidr data type, and Source Port as the value.
The example above refers to what kind of reference data collections?

A. Reference table B. Reference store C. Reference map of sets D. Reference map

Correct Answer: A

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 9

On which lab can an analyst perform a "Flow Bias" Quick Search?

A. Asset Management app B. Log Activity tab C. Network Activity tab D. Log Source Management app

Correct Answer: C

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 10

Which condition is required to display the "Include in my Dashboard" parameter in the Log Activity tab while saving a search?

A. Filter the columns that are listed in the Available Columns list and disable the Enable Unique Counts to display the flow counts instead of average counts over Real Time B. This parameter is only displayed if the search is grouped C. The result limits cannot be empty and not in a group D. The search must be set to Advanced Search and must be propagated with a high level of confidence

Correct Answer: C

IBM Security QRadar SIEM V7.5 Analysis - C1000-162 Exam Practice Test