What is the CIDR range used by the QRadar Network Hierarchy that catches all addresses that are not defined in your network hierarchy?

The CIDR range that captures all addresses not defined in your network hierarchy is 0.0.0.0/0. This notation means that it matches any and all IP addresses. In CIDR (Classless Inter-Domain Routing), the /0 indicates that there are no bits fixed for the network portion, allowing for a range that encompasses the entire IPv4 address space.

Using 0.0.0.0/0 in QRadar is essential for scenarios where it's important to log or monitor traffic from any source that does not explicitly match another defined address range in your network hierarchy. This is particularly useful in security monitoring, as it provides a way to ensure that all potential threats from unknown addresses can be captured and examined.

The other options presented refer to specific ranges or definitions that do not cover the full IPv4 address space. For example, 0.0.0.0/32 only matches the single IP address of 0.0.0.0, while 255.255.255.255/0 and 255.255.255.255/32 focus on the broadcast address and a single address respectively, but do not provide a range inclusive of all addresses. Therefore, 0.0.0