From which screen can a Secondary Host be added to an HA host?

A. Admin -> System Settings

B. Admin -> Deployment Editor

C. Admin -> Store and Forward

D. Admin -> System and License Management

Which line color inside the deployment editor signals that encrypted communication has been selected for the managed hosts in a distributed environment?

A. Red

B. Blue

C. Black

D. Green

A customer wants to detect users that logged in from IP addresses in different locations simultaneously. How can the customer achieve this using the QRadar console?

A. Create a rule to test for login failures from different country with 15 minutes

B. Create a rule to check for a local login within corporate network and simultaneous remote login

C. Create a rule to test for 2 or more logins from VPN or AD from different countries within 15 minutes

D. Create an offense to test for 2 or more logins from VPN or AD from different countries within 15 minutes

Which Network Address Translation (NAT) is necessary to enable NAT for a Managed Host?

A. Static NAT translation

B. Active NAT translation

C. Variable NAT translation

D. Dynamic NAT translation

How is a full Event Data Restore on a 1605 appliance performed?

A. Selecting Full Recovery from the Backup/Restore screen in the Qradar UI

B. Selecting Full Data Recovery from the Backup/restore screen in the Qradar UI

C. From the CLI on the 1605 run the command 'tar-zcvf /store/backup/backup.full.tgz /store/ariel'

D. From the CLI on the 1605 run the command 'tar-zxvf /store/backup/backup.full.tgz /store/ariel'

What is the maximum height for a custom logo in a report header?

A. 25 pixels

B. 50 pixels

C. 100 pixels

D. 500 pixels

Which two primary data sources send updates to the Asset profiler? (Choose two.)

A. Source IP

B. Source Port

C. Scan Result

D. Destination IP

E. Identity Events

How do you view an offense that is associated with an event from the Log Activity tab?

A. Double click the event

B. Click the Offense icon next to the event

C. Right click the event, select View Offenses

D. Select the event, and select Offenses from the View list box

There are unknown log records from unsupported security device events in the Log activity tab. You are planning to write an LSX for an unsupported security device type based on UDSM.

What is the file format and payload option for exporting the unknown log records?

A. PDF and full export

B. CSV and full export

C. XML and visible column

D. CSV and visible column

Which Permission Precedence should be applied in the Security Profile so the users can see events from the "Windows Servers" log source group and from other log sources that match the destination or source network "Windows"?

A. No Restrictions

B. Log Sources Only

C. Networks OR Log Sources

D. Networks AND Log Sources