An analyst is investigating a series of events that triggered an Offense. The analyst wants to get more detailed information about the IP address from the reference set.How can the analyst accomplish this?
What does the Assets tab provide?A unified view of the information that is known about:
An analyst needs to find events coming from unparsed log sources in the Log Activity tab.What is the log source type of unparsed events?
What information is displayed in the default “Log Activity” page? (Choose two.)
Which are the supported protocol configurations for Check Point integration with QRadar? (Choose two.)
An analyst needs to use a new custom property in a rule.What must be the mandatory characteristic of the custom property?
