CrowdStrike
CCFH-202B · Question #57
CCFH-202B Question #57: Real Exam Question with Answer & Explanation
Question
Which of the following is the proper method to quantify search results, enabling a hunter to quickly sort and identify outliers?
Options
- A. Using the "| stats count by" command at the end of a search string in Event Search
- B. Using the "|stats count" command at the end of a search string in Event Search
- C. Using the "|eval" command at the end of a search string in Event Search
- D. Exporting Event Search results to a spreadsheet and aggregating the results