Splunk
SPLK-5001 · Question #110
SPLK-5001 Question #110: Real Exam Question with Answer & Explanation
Question
While investigating a finding in Splunk, an analyst manually searches for threat intelligence matches and adds them to a list if they come back as malicious. Then, they send a request to contain the compromised host. What would be the best solution to fully automate this process?
Options
- A. An intelligence response action.
- B. A SOAR playbook triggered by the detection.
- C. Document those steps in the team's runbook.
- D. A model-assisted threat hunt.