nerdexam
Splunk

SPLK-3001 · Question #56

SPLK-3001 Question #56: Real Exam Question with Answer & Explanation

The correct answer is B. Create notable event. https://docs.splunk.com/Documentation/ES/6.6.2/Admin/Configureadaptiveresponse#Included_ad aptive_response_actions

Question

Which of the following is an adaptive action that is configured by default for ES?

Options

  • ACreate new asset
  • BCreate notable event
  • CCreate investigation
  • DCreate new correlation search

Explanation

https://docs.splunk.com/Documentation/ES/6.6.2/Admin/Configureadaptiveresponse#Included_ad aptive_response_actions

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SPLK-3001 Practice