IBM
C1000-163 · Question #7
C1000-163 Question #7: Real Exam Question with Answer & Explanation
Sign in or unlock C1000-163 to reveal the answer and full explanation for question #7. The question stem and answer options stay visible for context.
Question
An analyst reviewed an active offense that was many attackers, generating many events in the same category, targeting many systems. Upon further analysis, the analyst determined that the traffic from the attackers is legitimate and should not contribute to the offenses. Which tuning methodology guideline can the analyst use to tune out this traffic?
Options
- AEdit the building blocks by using the Custom Rules Editor to tune the specific event.
- BUse the Log Source Management app to tune the category.
- CEdit building blocks by using the Custom Rules Editor to tune the category.
- DUse the False Positive Wizard to tune the specific event.
Unlock C1000-163 to see the answer
You've previewed enough free C1000-163 questions. Unlock C1000-163 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.