C1000-162 by IBM Actual Free Exam Questions And Answers

Question 1

Which two (2) options are at the top level when an analyst right-clicks on the Source IP or Destination IP that is associated with an offense at the Offense Summary?

A. Asset Summary page

B. Navigate

C. WHOIS Lookup

D. DNS Lookup

E. Information

Discussion 0

Correct Answer: C,D Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 2

Which statement regarding saved event search criteria is true?

A. Saved search criteria cannot be reused

B. You cannot define the name of the saved search criteria

C. Saved search criteria does not expire

D. Saved search criteria expires

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 3

What is the default number of notifications that the System Notification dashboard can display?

A. 10 notifications

B. 5 notifications

C. 20 notifications

D. 50 notifications

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 4

AQRadar analyst can check the rule coverage of MITRE ATT&CK tactics and techniques by using Use Case Manager.
In the Use Case Manager app, how can a QRadar analyst check the offenses triggered and mapped to MITRE ATT&CK framework?

A. From Offenses tab

B. By navigating to "CRE Report"

C. By clicking on "Tuning Home"

D. By navigating to "Detected in timeframe"

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

Question 5

A QRadar analyst would like to search for events that have fully matched rules which triggered offenses.
What parameter and value should the analyst add as filter in the event search?

A. Associated with Offense is True

B. Associated with Rule is False

C. Associated with Rule is True

D. Associated with Offense is False

Discussion 0

Correct Answer: A Vote an answer

Question 6

A Security Analyst was asked to search for an offense on a specific day. The requester was not sore of the time frame, but had Source Host information to use as well as networks involved, Destination IP and username.
Which fitters can the Security Analyst use to search for the information requested?

A. Offense ID, Source IP, Username

B. Magnitude, Source IP, Destination IP

C. Specific Interval, Username, Destination IP

D. Description, Destination IP. Host Name

Discussion 0

Correct Answer: C Vote an answer

Question 7

What Is the result of the following AQL statement?

A. Returns all fields where the username contains the ERS string and is case-insensitive

B. Returns all fields where the username is different from the ERS string and is case-sensitive

C. Returns all fields where the username is different from the ERS string and is case-insensitive

D. Returns all fields where the username contains the ERS string and is case-sensitive

Discussion 0

Correct Answer: A Vote an answer

Explanation: Only visible for Fast2test members. You can sign-up / login (it's free).

IBM Security QRadar SIEM V7.5 Analysis - C1000-162 Exam Practice Test

Contact Us

Useful Links

Latest Updated