Page: 1
/ 12
Total 175 questions
A user of QRadar wishes to have a report showing the number of bytes per packet they see with their flows. The user decides to create a Custom Flow Property for this application.
Which type of custom property is required for this to be accomplished?
- A. Regex Custom Property
- B. Advanced Custom Property
- C. Computation Custom Property
- D. Calculation Based Custom Property
Answer : A
Which operating system is supported for creating a bootable flash drive for recovery?
- A. Cisco IOS
- B. Florida Linux
- C. Debian Linux
- D. RedHat Linux
Answer : D
What are the two support formats for exporting an Assets list from QRadar console?
(Choose two.)
- A. XML
- B. RTF
- C. PDF
- D. CSV
- E. HTML
Answer : A,E
Which command will install the patch after mounting the patch file?
- A. /media/updates/setup
- B. /media/updates/installer
- C. /media/updates/setup -patch
- D. /media/updates/installer -patch
Answer : B
Explanation:
References:
How frequently does the Automated Update Process run if Configuration files are updated on Primary and then Deploy Changes is not performed, and the updates are made on the
Secondary host through an Automated Update Process?
- A. Every 10 minutes
- B. Every 15 minutes
- C. Every 30 minutes
- D. Every 60 minutes
Answer : D
Explanation:
References:
Which three messages are displayed in the Next Run Time Column while a QRadar
Administrator is manually generating a report? (Choose three.)
- A. Generating
- B. (x hour(s) x min(s))
- C. Generating Queues
- D. (x hour(s) x min(s) y sec(s))
- E. Queued (position in the queue)
- F. Queued in the database column
Answer : B,D,E
On the QRadar console you have received notification that CVE ID: CVE-2010-000 is being actively used.
What search parameter should you select from the list of search parameters in this situation?
- A. Collateral Damage Reference
- B. Vulnerability External Reference
- C. Vulnerability Information System
- D. Vulnerability Internal System Reference
Answer : C
Explanation:
References:
Which attribute is valid when defining the user roles to provide the necessary access?
- A. Admin: System Administrator
- B. Log Activity: View Custom Rules
- C. Log Activity: Manage Time Series
- D. Network Activity: Maintain custom Rules
Answer : A
Which directory from the QRadar host can be moved to offboard storage?
- A. A/ar
- B. /store
- C. /home
- D. /media
Answer : B
What does the message in the System Notification Widget on the Dashboard "Disk sentry:
System disk usage back to normal levels." tell you?
D. One of your File Systems has been reduced to below 90%.
- A. One of your File Systems has been reduced to below 92%.
- B. One of your File Systems has been reduced to below 95%. C. One of your File Systems has been reduced to below 98%.
Answer : A
Explanation:
References:
What is used to collect netflow and jflow traffic in a QRadar Distributed Deployment?
- A. QRadar 3105 Console
- B. QRadar 1705 Processor
- C. QRadar 1605 Processor
- D. QRadar 700 Risk Manager
Answer : A
Explanation:
References:
Which action can be performed on a license key?
- A. Erase a license key
- B. Delete a license key
- C. Unload a license key
- D. Unallocate a license key
Answer : B
What should the format of a CSV file be while importing assets on the QRadar console?
- A. ip,portweight,description
- B. ip,name,weightmagnitude
- C. ip.name.weight.description
- D. ip.name.severity.description
Answer : C
Explanation:
References:
Which feature of QRadar is used for correlation purposes to help reduce false positives?
- A. Flow information
- B. Events information
- C. Asset port information
- D. Asset profile information
Answer : D
Explanation:
References:
30 days access 