Splunk Exam SPLK-2003 Topic 1 Question 45 Discussion

Actual exam question for Splunk's SPLK-2003 exam

Question #: 45
Topic #: 1

[All SPLK-2003 Questions]

Which of the following actions will store a compressed, secure version of an email attachment with suspected malware for future analysis?

ACopy/paste the attachment into a note.

BAdd a link to the file in a new artifact.

CUse the Files tab on the Investigation page to upload the attachment.

DUse the Upload action of the Secure Store app to store the file in the database.

Show Suggested Answer

Suggested Answer: B

by Stephaine at Jul 03, 2024, 09:26 PM

Limited Time Offer

25%

Off

Get Premium SPLK-2003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Elke

24 days ago

A link to the file? Nah, man, that's just asking for trouble. Gotta use that Secure Store app to keep it safe.

upvoted 0 times

...

Svetlana

1 months ago

I'm not sure, but I think D) Use the Upload action of the Secure Store app could also be a good option for storing the file securely.

upvoted 0 times

...

Frankie

1 months ago

I agree with Ruthann, option C seems like the best choice for storing a secure version of the email attachment.

upvoted 0 times

...

1 months ago

I'm pretty sure the Files tab on the Investigation page is the best choice here. That's where I usually upload files for analysis.

upvoted 0 times

Nickie

16 days ago

A) Copy/paste the attachment into a note.

upvoted 0 times

...

Lizbeth

1 months ago

I agree with Nana, storing the attachment in the Files tab makes sense for future analysis.

upvoted 0 times

...

Carmelina

1 months ago

Option D seems like the way to go. The Secure Store app is designed for storing potentially malicious files securely.

upvoted 0 times

...

Nana

1 months ago

I think the answer is C) Use the Files tab on the Investigation page to upload the attachment.

upvoted 0 times

...