Splunk
SPLK-5002 · Question #14
SPLK-5002 Question #14: Real Exam Question with Answer & Explanation
Sign in or unlock SPLK-5002 to reveal the answer and full explanation for question #14. The question stem and answer options stay visible for context.
Question
A corporate laptop was disconnected from the internet Friday at 5PM local time. While offline, the user unknowingly opened a malicious file. The laptop came back online the following Monday morning, 9AM local time. The current detection has a 15 minute lookback period. How can the detection be tuned to account for this scenario?
Options
- AIncrease the info_min_time to account for the weekend.
- BLeverage an event time configuration within the detection.
- CLeverage an index time configuration within the detection.
- DIncrease the info_max_time to account for the weekend.
Unlock SPLK-5002 to see the answer
You've previewed enough free SPLK-5002 questions. Unlock SPLK-5002 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.