IBM Security QRadar V7.3.1 Fundamental Administration — Question 6

Which use cases are covered with the File Activity Monitoring feature? (Select two.)

Answer options

• A. Classify sensitive files on mainframe systems.
• B. Encrypts database data files on file systems based on policies.
• C. Selectively redacts sensitive data patterns in files based on policies.
• D. Provides audit trail of access to files, alert and/or block when unauthorized users or processes attempt access.
• E. Identifies files containing Personally Identifiable Information (PII) or proprietary confidential information on Linux Unix Windows (LUW) systems.

Correct answer: A, E

Explanation

The correct answers are A and E because File Activity Monitoring focuses on identifying and classifying sensitive files, particularly on mainframe systems and those containing PII or confidential information on LUW systems. Options B and C relate to encryption and redaction, which are not functions of File Activity Monitoring, while D, although relevant to file access control, does not directly pertain to the primary use cases of monitoring file activity.