
Pass the IBM Security Systems C1000-162 Questions and answers with ValidTests


Viewing page 5 out of 5 pages
Viewing questions 41-50 out of questions
Questions # 41:

After analyzing an active offense where many source systems were observed connecting to a specific destination via local-to-local LDAP traffic, an analyst discovered that the targeted system is a legitimate LDAP server within the organization.

To avoid confusion in future analyses, how can this type of traffic to the target system be flagged as expected and be excluded from further offense creation?

Options:

A. Add the IP address of the LDAP server to the BB:Host Definition: LDAP Servers building block.

B. Remove the IP address of the source systems from the Global False Positive Events building block.

C. Add the IP address of the source systems to the All Default Positive building block.

D. Remove the IP address of the LDAP server from the network hierarchy.
