Splunk
SPLK-5002 · Question #12
Question
A detection engineer is using a threat defense informed strategy to define use cases. Which Splunk app would best facilitate their use case development process by cross-referencing detections with the MITRE ATT&CK® Framework?
Options
- A. Supporting add-on for MITRE ATT&CK®
- B. Splunk Security Essentials App
- C. Enterprise Security
- D. Enterprise Security Content Update App