Question 1

Event Search data is recorded with which time zone?

Options :

A : PST

B : GMT

C : EST

D : UTC

Answer: D

Question 2

To find events that are outliers inside a network,___________is the best hunting method to use.

Options :

A : time-based

B : machine learning

C : searching

D : stacking

Answer: D

Question 3

SPL (Splunk) eval statements can be used to convert Unix times (Epoch) into UTC readable time Which eval function is correct^

Options :

A : now

B : typeof

C : strftime

D : relative time

Answer: C

Question 4

Which threat framework allows a threat hunter to explore and model specific adversary tactics and techniques, with links to intelligence and case studies?

Options :

A : MITRE ATT&CK

B : Lockheed Martin Cyber Kill Chain

C : Director of National Intelligence Cyber Threat Framework

D : NIST 800-171 Cyber Threat Framework

Answer: A

Question 5

Which of the following does the Hunting and Investigation Guide contain?

Options :

A : A list of all event types and their syntax

B : A list of all event types specifically used for hunting and their syntax

C : Example Event Search queries useful for threat hunting

D : Example Event Search queries useful for Falcon platform configuration

Answer: C