An IBM Security QRadar SIEM V7.2.8 Administrator needs to download a nightly configuration backup file

from a past day through the Web Console.

Which steps must be followed to achieve this?

A. Admin Tab -> System Configuration -> Backup and Recovery -> Generate new backup -> Save

B. Admin Tab -> System Configuration -> Backup and Recovery ->Choose the name of an Existing backup

C. Admin Tab -> System Configuration -> Backup and Recovery -> Import New Backup -> Select file extension -> Save

D. Admin Tab -> System Configuration -> System Settings -> Database Settings -> Choose the name of an Existing backup

Which permission can be assigned to a user from User Roles in the IBM Security QRadar SIEM V7.2.8 Console?

A. Admin

B. DSM Updates

C. Flow Activity

D. Configuration Management

An Administrator working with IBM Security QRadar SIEM V7.2.8 needs to copy data and configuration

backup files from the previous day to an off-site location.

What is the default location where these files can be found?

A. /store/backup

B. /store/exports

C. /store/postgres

D. /store/backupHost

An IBM Security QRadar SIEM V7.2.8 Administrator needs to check if the "hostcontext" process is running. How can the Administrator do this?

A. hostcontext status

B. status hostcontext service

C. service hostcontext status

D. /etc/qradar/hostcontext status

An Administrator using IBM Security QRadar SIEM V7.2.8 is using the RegEx syntax below:

(\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b)

What type of information is it designed to extract?

A. An IP Address

B. GPS Coordinates

C. A Telephone Number

D. A simple integer no longer than 4 digits

What is needed to send the same events and flows to separate data centers or geographically separate sites and enable data redundancy in IBM Security QRadar SIEM V7.2.8?

A. A Flashcopy or GlobalMirror License.

B. A dark fibre network and proper configuration of the backup and recovery feature.

C. A load balancer or other method to deliver the same data to mirrored appliances.

D. Use the Backup and Recovery automation feature in QRadar and a dedicated fiber channel connection.

What procedure does a user of IBM Security QRadar SIEM V7.2.8 need to follow to delete a dashboard?

A. Click the "Dashboard" tab.From the Show Dashboard list box, select the dashboard that you want to delete.On the toolbar, click "Delete Dashboard".Click "Yes".

B. Click the "Dashboard" tab.From the Show Dashboard list box, select the dashboard that you want to delete.On the toolbar, click "Remove Dashboard".Click "Yes".

C. Click the "Dashboard" tab.On the toolbar, click "Delete a Dashboard".From the Delete Dashboard window, select the dashboard that you want to delete.Click "Yes".

D. Click the "Dashboard" tab.From the Show Dashboard list box, select the dashboard that you want to delete.On the toolbar, click "Delete Dashboard for a user".On the User selection Menu select the user you want to delete from the dashboard and click "Okay".

When upgrading IBM Security QRadar SIEM V7.2.8, the upgrade file needs to be made accessible to the

operating system.

Which command will accomplish this task?

A. mount -o loop -t iso9660 .iso /media/updates/

B. mount -o loop -t squashfs.sfs /media/updates/

C. umount -o loop -t iso9660 .iso /media/updates/

D. umount -o loop -t squashfs.sfs /media/updates/

What must be done when creating a user with a non-admin role on an IBM Security QRadar SIEM V7.2.8 system that is utilizing Active Directory authentication?

A. Ensure the password has a minimum of 8 characters.

B. Create the user's initial password and have them change it immediately.

C. Ensure the user's QRadar password matches their Active Directory password.

D. A password does not need to be set on QRadar when using Active Directory authentication.

Given the following RegEx: (\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b) What data does this expression extract?

A. URL

B. User Name

C. IP address

D. Email Address