Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IBM Exam C1000-162 Topic 2 Question 25 Discussion

Actual exam question for IBM's C1000-162 exam
Question #: 25
Topic #: 2
[All C1000-162 Questions]

What is an effective method to fix an event that is parsed an determined to be unknown or in the wrong QReader category/

Show Suggested Answer Hide Answer
Suggested Answer: B

The magnitude rating of an offense in QRadar is calculated based on relevance, severity, and credibility. Relevance determines the impact on the network, credibility indicates the integrity of the offense, and severity represents the level of threat. QRadar uses complex algorithms to calculate and periodically re-evaluate the offense magnitude rating.


by Jerrod at Sep 19, 2024, 02:40 AM

Limited Time Offer

25%

Off

Get Premium C1000-162 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Lavina
2 days ago
Option C looks like the most straightforward solution. Modifying the event mapping seems like the easiest way to reassign the category.
upvoted 0 times
...
Shanice
6 days ago
I believe writing a Custom Rule and using Rule Response is the most effective way.
upvoted 0 times
...
Lavonne
11 days ago
I prefer creating a Custom Property to extract the proper Category.
upvoted 0 times
...
Elsa
13 days ago
I think creating a DSM extension is the best method.
upvoted 0 times
...

Save Cancel