What is the rule for using the Quick Filter to group terms using logical expressions such as AND, OR, and NOT?
A. The syntax is not case sensitive.
B. The syntax is case sensitive and the operators must be upper case to be recognized as logical expressions and not as search terms.
C. The syntax is case sensitive and the operators must be placed between square brackets to be recognized as logical expressions and not as search terms.
D. The syntax is case sensitive and the operators must be lower case and placed between square brackets to be recognized as logical expressions and not as search terms.
How many default dashboards are included in IBM Security QRadar V7.0 MR4?
A. 1
B. 2
C. 5
D. 8
A user is complaining about slow traffic on a specific network segment, and an administrator has been asked to investigate the source of the congestion using an IBM Security QRadar V7.0 MR4 (QRadar) Dashboard workspace named Top Applications.
From the Top Applications dashboard workspace, which tab is displayed when View Details is clicked?
A. Assets
B. Offenses
C. Log Activity
D. Network Activity
Which four fields are used when importing assets from a CSV file?
A. IP, Name, Weight. Description
B. IP. Port, MAC Address, Weight
C. IP, Port. MAC Address. Description
D. IP, User, Host Name, Service Version
A flow is always based on what?
A. unicast and any cast traffic
B. unicast and broadcast traffic
C. unicast. multicast, and anycast traffic
D. unicast, broadcast, and multicast traffic
Where are QID values displayed?
A. In the Asset Properties of the asset
B. In the QID map menu of the Adrnin tab
C. In the detailed view of the Network Activity tab
D. In the Additional Information section of the event
What are two instances when IBM Security QRadar V7.0 MR4 performs a magnitude re-evaluation for an offense? (Choose two.)
A. At scheduled intervals
B. When the offense is closed
C. When the offense is created
D. When each event or flow is added
E. When the offense is assigned to a user
Which function queries for offenses using specific criteria and displays those offenses that match the criteria?
A. Find
B. Search
C. Offense Lookup
D. Right-click > Navigate
What is the Identity Information section used for?
A. To show which rules match an event
B. To show which log source an event belongs to
C. To show the High/Low level category of an event
D. To show the user information relative to an event
On the Offenses tab, which option displays offenses by access, exploit, or malware?
A. By Rules
B. By Category
C. By Definition
D. By Source IP