C1000-162試験無料問題集（140題）「IBM Security QRadar SIEM V7.5 Analysis 認定」

出題：1

When an analyst is investigating an offense, what is the property that specifies the device that attempts to breach the security of a component on the network?

A. Port

B. Source IP

C. Destination IP

D. Network

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which log source and protocol combination delivers events to QRadar in real time?

A. Solaris Basic Security Mode (BSM) via Log File Protocol

B. McAfee ePolicy Orchestrator via JDBC

C. Sophos Enterprise console via JDBC

D. McAfee ePolicy Orchestrator via SNMP

正解：D 解答を投票する

出題：3

An analyst must create a reference set collection containing the IPv6 addresses of command-and-control servers in an IBM X-Force Exchange collection in order to write a rule to detect any enterprise traffic with those malicious IP addresses.
What value type should the analyst select for the reference set?

A. IPv6

B. IP

C. AlphaNumeric (Ignore Case)

D. IPv4 or IPv6

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

A Security Analyst was asked to search for an offense on a specific day. The requester was not sore of the time frame, but had Source Host information to use as well as networks involved, Destination IP and username.
Which fitters can the Security Analyst use to search for the information requested?

A. Magnitude, Source IP, Destination IP

B. Specific Interval, Username, Destination IP

C. Description, Destination IP. Host Name

D. Offense ID, Source IP, Username

正解：B 解答を投票する

出題：5

Which statement regarding the time series chart is true?

A. It displays static time series charts that represent the records that match and unmatch a specific time range search

B. It displays interactive time series charts that represent the records that match a specific time range search

C. The length of time that is required to export your data depends on the number of parameters specified

D. The length of time that is required to export your data depends on the number of parameters specified and hidden

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Which two (2) types of data can be displayed by default in the Application Overview dashboard?

A. Login Failures by User {real-time)

B. Outbound Traffic by Country (Total Bytes)

C. ICMP Type/Code (Total Packets)

D. Top Applications (Total Bytes)

E. Flow Rate (Flows per Second - Peak 1 Min)

正解：B,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which IBM X-Force Exchange feature could be used to query QRadar to see if any of the lOCs were detected for COVID-19 activities?

A. Threat Intelligence ATP

B. STIX Bundle

C. Ami Affected

D. TAXI I automatic updates

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

On which lab can an analyst perform a "Flow Bias" Quick Search?

A. Asset Management app

B. Network Activity tab

C. Log Source Management app

D. Log Activity tab

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：9

Which of these statements regarding the deletion of a generated content report is true?

A. All reports that were generated from the report template as well as the report template are deleted.

B. Only specific reports that were not generated from the report template are deleted, but the report template is retained.

C. Only specific reports that were not generated from the report template as well as the report template are deleted.

D. All reports that were generated from the report template are deleted, but the report template is retained.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Which parameter is calculated based on the relevance, severity, and credibility of an offense?

A. Impact rating

B. Severity age

C. Magnitude rating

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

C1000-162試験無料問題集「IBM Security QRadar SIEM V7.5 Analysis 認定」