C1000-163 Exam Questions

What does authorization in the LDAP authentication module do?

IBM provides a utility to move the data from an old appliance to a new appliance. Which command runs that utility.

What file format is supported to perform a bulk load of data into a reference set?

A QRadar deployment professional designs a multi-tenant environment where each tenant is permitted a quantity of events per second (EPS). In a discussion with the service provider...

If you do not have access to the admin account from the user interface, how to change admin password?

What are the search options available for searching offense data on the By Networks page?

The /store for a QRadar HA setup was migrated to a Fibre Channel device. High Availability is not needed on this cluster, and it needs to be disconnected. What changes are required...

What is the Export Licenses function used for?

Analysts can filter searches in QRadar from which three (3) of these locations?

Where do you select a custom property in an event?

During restoration of a configuration backup on the system in the Restore a Backup window, which is a parameter or item a QRadar specialist can select to be restored?

All appliances must be on the same version and patch level prior to an upgrade. How are the patch levels verified for all systems in a deployment?

In a distributed environment, which QRadar appliance must be updated first?

A new Console will be built on new hardware, to replace a Console on old hardware. No managed hosts will be migrated to the new hardware. The new Console will have a different IP a...

How many default dashboards are available in Qradar?

Which two passwords does a deployment professional configure when installing QRadar? (Choose two.)

An analyst views a dashboard in Pulse, which is not working as expected. Which aggregation type should be selected to ensure the correct configuration for a Pie Chart?

A deployment professional needs to troubleshoot a QRadar application that is not working. Which tool can be used to aid the troubleshooting of containers and container management o...

What is a difference between a flow and an event?

What approach does QRadar take when it imposes EPS license (not hardware) limits on events that temporarily spike above that limit?

Which app pulls feeds by using the open standard STIX and TAXII formats?

What is the network interface requirement for adding a secondary HA node to the primary HA node?

Which item is an internal flow source?

Where is a QRadar license obtained?

Which port is required to ensure that the HA nodes are still active?

What is correct permissions of directories in /store/ariel/events/payloads and /store/ariel/flows/payloads?

A company plans to collect event data from two remote sites that have slow WAN links. These remote sites do not generate many events per second. The company's deployment profession...

For tenant data retention, what is the maximum number of buckets for shared data that can be created per tenant?

Which industry standard security framework is incorporated into the QRadar 7.4.3 environment, which allows the QRadar deployment professional to link rules and building blocks to c...

What can content management scripts be used to accomplish?

Which step is required for the migration of Ariel data from an old appliance to a new appliance?

When adding a Data Node to an Event Processor, what are the minimum bandwidth and maximum latency requirements?

Which of the following are true about Data node?

When you install QRadar, the default license key is temporary and gives you access to the system for __________days from the installation date.

What is correct order to start Qradar Services?

After working on a QRadar Support case, a set of logs is needed for further review. Where is the script to gather those logs in case you have no UI access?

Which of these is a valid CIDR length value to use when configuring the network hierarchy in QRadar?

Which is a sign that the QRadar Network Hierarchy requires tuning?

What is high-level view of the configuration restore process?

How can you check the amount of used and available RAM on a QRadar appliance?

An analyst needs to preserve the data from a search to view later. Which option should they select?

A QRadar deployment professional needs to transfer the configuration of a distributed environment (one Console and one EP, not using HA) onto an All-in-One (AIO) system to run some...

What is the default data retention period for a retention bucket?

Which statement about IBM-validated QRadar content extensions is true?

What app can be used in QRadar to visualize offenses, network data, threats, and malicious behavior provide insights and analysis about a network?

What is the minimum bandwidth required between the primary and the secondary nodes of a HA cluster?

What must be done on all managed hosts after the restoration of a config backup on a new console?

Which service is responsible for adding new assets in Qradar?

Which tool allows you to troubleshoot accumulator issues?

Which parameter determines the impact of the offense on the network?