
Which of the following are valid tests that can be applied within a rule in a SIEM system?

A. Comparing field values against known threat intelligence
B. Testing for the presence of a specific string in log data
C. Checking the velocity of events against a baseline
D. Verifying the digital signature of events

Answer: AB
