Question 1

Which of the following are examples of threat intelligence sources?

Options :

A : Internal incident reports

B : Commercial threat feeds

C : Open-source feeds

D : Social media platforms

Answer: A,B,C

Question 2

Which SPL command is used to filter results based on specific conditions?

Options :

A : filter

B : match

C : search

D : where

Answer: C

Question 3

What is the primary purpose of Risk Based Alerting within Splunk Enterprise Security?

Options :

A : Prioritizing security alerts based on risk level

B : Triggering automated responses without analysis

C : Ignoring security alerts altogether

D : Generating random alerts for testing purposes

Answer: A

Question 4

What is the purpose of the CIM (Common Information Model) in Splunk?

Options :

A : To automate security incident response

B : To encrypt sensitive information in logs

C : To provide a standard framework for organizing and normalizing data

D : To generate visualizations for data analysis

Answer: C

Question 5

What do tactics, techniques, and procedures (TTPs) refer to in the cybersecurity industry?

Options :

A :

Legal regulations governing data privacy

B : Methods used by threat actors to achieve their objectives

C : Security controls implemented by organizations

D : Common vulnerabilities in software

Answer: B