Free IBM C1000-162 Exam Questions

Become IBM Certified with updated C1000-162 exam questions and correct answers

Page: 1 / 26

Total 128 Questions | Updated On: Feb 28, 2024

Add To Cart

Question 1

What is the name of the data collection set used in QRadar that can be populated with lOCs or other external data?

A : Index set

B : Reference set

C : IOC set

D : Data set

Answer: B

Question 2

How does a QRadar analyst get to more information about a MITRE entry in the Use Case Manager?

A : Hover over the entry and read the tooltip

B : Highlight the entry and click the help button

C : Click the Tactic’s Explore icon to reveal and open the MITRE web page

D : Use the Threat Intelligence app

Answer: C

Question 3

A QRadar analyst develops an advanced search on the Log Activity tab and presses the shortcut "Ctrl + Space" in the search field. What information is displayed?

A : The full list of AQL databases, functions and fields (properties) is displayed.

B : The full list of AQL tables and relationships from a database is displayed.

C : The full list of AOL functions, fields (properties), and keywords is displayed.

D : The full list of AQL functions, tables, and views from a database is displayed.

Answer: A

Question 4

Which QRadar component provides the user interface that delivers real-time flow views?

A : QRadar Viewer

B : QRadar Console

C : QRadar Flow Collector

D : QRadar Flow Processor

Answer: B

Question 5

AQRadar analyst can check the rule coverage of MITRE ATT&CK tactics and techniques by using Use Case Manager. In the Use Case Manager app, how can a QRadar analyst check the offenses triggered and mapped to MITRE ATT&CK framework?

A : By navigating to "CRE Report"

B : From Offenses tab

C : By clicking on "Tuning Home"

D : By navigating to "Detected in timeframe"

Answer: D

Page: 1 / 26

Total 128 Questions | Updated On: Feb 28, 2024

Add To Cart