Multiple Choice
When investigating, what is the best way to store a newly-found IOC?
A) Paste it into Notepad.
B) Click the "Add IOC" button.
C) Click the "Add Artifact" button.
D) Add it in a text note to the investigation.
Correct Answer:
Verified
Correct Answer:
Verified
Related Questions
Q7: How is it possible to navigate to
Q8: What does the summariesonly=true option do for
Q9: When ES content is exported, an app
Q10: Which two fields combine to create the
Q11: Which of the following is a key
Q13: What does the risk framework add to
Q14: The Add-On Builder creates Splunk Apps that
Q15: What is the bar across the bottom
Q16: Which of the following ES features would
Q17: A newly built custom dashboard needs to