
C2150-400 Online Practice Questions and Answers

Question 4

What is used to collect NetFlow and J-Flow traffic in a QRadar Distributed Deployment?

A. QRadar 3124 Console

B. QRadar 1624 Processor

C. QRadar 1724 Processor

D. QRadar 700 Risk Manager

Question 5

Which function allows a custom event property to be removed from a selected event?

A. Anomaly

B. Map Event

C. False Positive

D. Extract Property

Question 6

From which screen can a Secondary Host be added to an HA host?

A. Admin -> System Settings

B. Admin -> Deployment Editor

C. Admin -> Store and Forward

D. Admin -> System and License Management

Question 7

What does monitoring offenses grouped by category provide?

A. A list of offenses grouped on the user category

B. A list of offenses grouped on the low-level category

C. A list of offenses grouped on the high-level category

D. A list of offenses grouped on the event or flow category

Question 8

What is used to collect security events in a QRadar Distributed Deployment?

A. QRadar 3105 Console

B. QRadar 1705 Processor

C. QRadar 1605 Processor

D. QRadar 1201 QFlow Collector

Question 9

What is the easiest method to populate host definition building blocks?

A. Setup Rules

B. Server Discovery

C. Authorized Services

D. Manually Define Building Blocks

Question 10

Which three messages are displayed in the Next Run Time column while a QRadar Administrator is manually generating a report? (Choose three.)

A. Generating

B. (x hour(s) x min(s))

C. Generating Queues

D. (x hour(s) x min(s) y sec(s))

E. Queued (position in the queue)

F. Queued in the database column

Question 11

What is used to collect security events in a QRadar Distributed Deployment?

A. QRadar 3124 Console

B. QRadar 1724 Processor

C. QRadar 1624 Processor

D. QRadar 1310 QFlow Collector

Question 12

Which two primary data sources send updates to the Asset Profiler? (Choose two.)

A. Source IP

B. Source Port

C. Scan Result

D. Destination IP

E. Identity Events

Question 13

Which two options are available for the Override parameter when an administrator views the Asset Profile Summary page? (Choose two.)

A. Forever

B. Until Next Scan

C. After Next Scan

D. Before Next Scan

E. After Specified Time

Exam Code: C2150-400
Exam Name: IBM Security QRadar SIEM Implementation v 7.2.1
Last Update: May 04, 2024
Questions: 175 Q&As