Splunk Exam SPLK-2003 Topic 1 Question 45 Discussion

Actual exam question for Splunk's SPLK-2003 exam

Question #: 45
Topic #: 1

[All SPLK-2003 Questions]

Which of the following actions will store a compressed, secure version of an email attachment with suspected malware for future analysis?

ACopy/paste the attachment into a note.

BAdd a link to the file in a new artifact.

CUse the Files tab on the Investigation page to upload the attachment.

DUse the Upload action of the Secure Store app to store the file in the database.

Show Suggested Answer

Suggested Answer: B

by Stephaine at Jul 03, 2024, 09:26 PM

Limited Time Offer

25%

Off

Get Premium SPLK-2003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Frankie

1 days ago

I agree with Ruthann, option C seems like the best choice for storing a secure version of the email attachment.

upvoted 0 times

...

Alverta

2 days ago

Haha, copying and pasting the attachment into a note? What is this, the 90s? Definitely going with option D!

upvoted 0 times

...

Ruthann

3 days ago

I think the answer is C) Use the Files tab on the Investigation page to upload the attachment.

upvoted 0 times

...

Lyndia

5 days ago

I'm not sure, but D) using the Upload action of the Secure Store app sounds secure too.

upvoted 0 times

...

Quentin

6 days ago

I'm pretty sure the Files tab on the Investigation page is the best choice here. That's where I usually upload files for analysis.

upvoted 0 times

...

Lizbeth

7 days ago

I agree with Nana, storing the attachment in the Files tab makes sense for future analysis.

upvoted 0 times

...

Carmelina

8 days ago

Option D seems like the way to go. The Secure Store app is designed for storing potentially malicious files securely.

upvoted 0 times

...

Nana

9 days ago

I think the answer is C) Use the Files tab on the Investigation page to upload the attachment.

upvoted 0 times

...