
SPLK-5001 Question #111: Real Exam Question with Answer & Explanation

The correct answer is B. Risk Based Alerting (RBA).

Question

Which Splunk ES feature detects complex behavior over a "period of time" instead of "point in time" alerting?

Options

  • A. Notable Based Alerting (NBA)
  • B. Risk Based Alerting (RBA)
  • C. Adaptive Actions
  • D. Analytic Stories

Explanation

Risk Based Alerting evaluates and accumulates risk scores for entities over a defined time window, enabling detection of evolving threats across a period rather than at a single point in
