When investigating, what is the best way to store a newly-found IOC?
A) Paste it into Notepad.
B) Click the "Add IOC" button.
C) Click the "Add Artifact" button.
D) Add it in a text note to the investigation.
Correct Answer:
Verified
Q20: What does the risk framework add to
Q21: Which correlation search feature is used to
Q22: If a username does not match the
Q23: ES needs to be installed on a
Q24: After installing Enterprise Security, the distributed configuration
Q26: Which of the following ES features would
Q27: Where are attachments to investigations stored?
A) KV
Q28: How should an administrator add a new
Q29: A site has a single existing search
Q30: What feature of Enterprise Security downloads threat
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents