A QRadar SIEM administrator wants to create a Flow Rule that includes a building block definition (BB) that includes applications that indicate communication with file sharing sites. In which group will the administrator find this specified building block?
A. Policy
B. Host Definitions
C. Network Definition
D. Category Definitions
Which character is used for naming subgroups when using the option Add Group in the Network Hierarchy editor?
A. + (plus)
B. . (period)
C. \ (backslash)
D. / (forward slash)
Which directory from the QRadar host can be moved to offboard storage?
A. /var
B. /store
C. /home
D. /media
Which two search filters are available on the QRadar console while making an asset search? (Choose two.)
A. PCI Severity, NERC Severity
B. Vulnerability CVSS Base Score, Vulnerability Risk Score
C. Vulnerability on Open Port, Vulnerability on Open Service
D. Vulnerability on Open Port, Vulnerability External Reference
E. Vulnerability on Source Port, Vulnerability on Destination Port
What is a benefit of enabling indexes on event properties?
A. Improved Offense Correlation
B. Improved search performance
C. Improved Performance of Custom Rules
D. Improved accuracy of auto-discovery log sources
What does the message in the System Notification Widget on the Dashboard "Disk Sentry: Disk Usage exceeded max threshold" tell you?
A. One of your File Systems has exceeded 92%.
B. One of your File Systems has exceeded 95%.
C. One of your File Systems has exceeded 98%.
D. One of your File Systems has exceeded 90%.
Where in QRadar SIEM is the email address from which you want to receive email alerts located?
A. Admin > System settings > Alert Email From Address
B. Admin > Console settings > Alert Email From Address
C. Admin > System settings > Administrative Email Address
D. Admin > Console settings > Administrative Email Address
Which two formats are available for reports generated from the QRadar Reporting Tab? (Choose two.)
A. TXT
B. CSV
C. PDF
D. HTML
E. PostScript
Which action prevents an offense from being removed from the database?
A. Hide
B. Show
C. Export
D. Protect
Who can view all offenses?
A. All users
B. Admin user
C. User who has access to All Log Sources and All Networks
D. Restricted User who has access to a Specific Log Source and Network