Splunk Related Exams
SPLK-5001 Exam
An analyst notices that one of their servers is sending an unusually large amount of traffic, gigabytes more than normal, to a single system on the Internet. There doesn’t seem to be any associated increase in incoming traffic.
What type of threat actor activity might this represent?
An adversary uses "LoudWiner" to hijack resources for crypto mining. What does this represent in a TTP framework?
Which of the following is not considered a type of default metadata in Splunk?