A Deployment Professional has a reference list of usernames that is used in rules. The Deployment Professional needs to be able to remove a username from the reference list when an offense is detected from a log event.How can a Deployment Professional accomplish this goal?
A Deployment Professional has created a new Building Block (BB), and it's not returning any expected events. The Deployment Professional has checked to ensure the BB is enabled and active. No errors are returned.What should be done to correct this BB problem?
A Deployment Professional has come on-site to upgrade a IBM Security QRadar SIEM V7.2.7 deployment to a new fix level. Before running the upgrade, the software and fix versions must be verified.What must the Deployment Professional verify?
A Deployment Professional has been asked to create a new dashboard which consists of utilizing a saved search.Which box should be checked when creating this search?
A Deployment Professional is alerted that flows between two assets within a local network are communicating at a higher rate than normal between midnight and2 a.m. The Deployment Professional is asked to determine why this is occurring and decides to create an alert that will send a notification when the communication happens again.Which action could be used?
A client has reached the maximum of 5000 EPS for their 3128 All-in-One appliance. They have just completed an acquisition of a competitor company and would like to get them on-board with collecting events for correlation in QRadar. It has been determined that the newly acquired company has a large number of log sources, and it is estimated that its total EPS will be approx. 22000 EPS.What will meet the hardware requirements when changing to a distributed environment?
