C1000-163 Exam Questions

In the Backup Recovery Configuration section, what is the default retention period?

To install the 7.x WinCollect Configuration Console, which of these actions is a prerequisite?

From which tabs can a QRadar custom rule be created?

Where can one share, find available apps, discover what they are used for, discover what they look like, and learn what other users say about apps?

On a Microsoft Windows 2019 server, a WinCollect agent is installed, which polls events locally. Its profile is set to Maximum EPS and the average EPS is 5000. What is the minimum...

Which version of sFlow does QRadar support when defining a new flow source?

Which are the time criteria in AQL queries?

Which script can detemine which QRadar process is consuming the most resources?

What is the purpose of assigning QRadar Use Case Manager to a user role?

Which two types of default building blocks do you need to edit to reduce the number of offenses that are generated by high volume traffic servers?

A QRadar deployment professional wants to integrate a dynamic data set like asset information so that QRadar can use the latest information in the new data set to correlate the rul...

A QRadar deployment professional wants to add entries from a .csv file to the Reference Set. Which script that is included in QRadar can be used?

What is the minimum disk size for a QRadar virtual appliance installation?

What is the hostcontext service?

Reports can be organized into groups for efficient utilization. What report groups are available by default in QRadar?

Which three (3) statements are capabilities of the Network Hierarchy in QRadar?

Which log source should be used to filter QRadar audit events?

Consider this scenario and instruction. Vulnerability assessment products launch attacks that can result in offense creation. To avoid this behavior and define vulnerability assess...

Which of the following changes require standard deployment?

A deployment professional is initially tuning a QRadar deployment. The Log Activity tab shows that there are some external events from a remote network to another remote network. W...

Which two (2) file formats are available for exporting offenses?

A large multinational corporation is expanding its QRadar deployment to new countries. They decided to implement a geographically distributed deployment. What may be a benefit of h...

How are Events that are associated with an offense listed?

An organization wants QRadar to have rules, dashboards, and reports to detect and report on cryptocurrency mining activity. What can be installed in QRadar to meet this requirement...

When prioritizing offenses to investigate, what metric is provided on the Offenses tab specifically to help influence which offenses to investigate first?

Which of these is a tenant administrator responsible for?

What is the directory where a backup archive file needs to be placed so that QRadar can automatically import it?

At the Offense Summary window, the first row of data shows the level of importance that QRadar assigned to the offense. Which statement is the correct description for Magnitude?

A QRadar deployment professional is asked to plan a hardware migration for an Event Processor in HA. Two new appliances are ready to be used, and they use the same IP addresses. Wh...

Which type of information is considered as identity data for QRadar Assets?

What can an analyst use in QRadar to quickly find information about IP addresses and URLs while analyzing an offense or event?