Multiple Choice
A set of correlation searches are enabled at a new ES installation, and results are being monitored. One of the correlation searches is generating many notable events which, when evaluated, are determined to be false positives. What is a solution for this issue?
A) Suppress notable events from that correlation search.
B) Disable acceleration for the correlation search to reduce storage requirements.
C) Modify the correlation schedule and sensitivity for your site.
D) Change the correlation search's default status and severity.
Correct Answer:

Verified