Online Access Free C1000-162 Practice Test

Which statement regarding the Assets tab is true?

• A.The display is populated with all eliminated and recreated assets in your network.
• B.The display is populated with all discovered assets in your network.
• C.It displays connection information to determine how different network devices are connected.
• D.It displays flow information to determine how and what network traffic is communicated.

Several systems were initially reviewed as active offenses, but further analysis revealed that the traffic generated by these source systems is legitimate and should not contribute to offenses.
How can the activity be fine-tuned when multiple source systems are found to be generating the same event and targeting several systems?

• A.Use the Log Source Management app to tune the event
• B.Edit the building blocks by using the Custom Rules Editor to tune out a destination IP
• C.Edit the building blocks by using the Custom Rules Editor to tune out the specific event
• D.Edit the building blocks by using the Custom Rules Editor to tune out a source IP

How does a QRadar analyst get to more information about a MITRE entry in the Use Case Manager?

• A.Click the Tactic's Explore icon to reveal and open the MITRE web page
• B.Hover over the entry and read the tooltip
• C.Use the Threat Intelligence app
• D.Highlight the entry and click the help button

Events can be exported from the QRadar Log Activity tab in which file formats?

• A.JSON and XML
• B.JSON. XML, and CSV
• C.XML and CSV
• D.XLS and CSV

What is the default number of notifications that the System Notification dashboard can display?

• A.20 notifications
• B.50 notifications
• C.5 notifications
• D.10 notifications