Refer to the exhibit. A cybersecurity analyst is using Sguil to verify security alerts. How is the current view sorted?

CyberOps Associate (Version 1.0) - CyberOps Associate 1.0 Final exam Answers 03

  • by sensor number
  • by source IP
  • by date/time
  • by frequency

Answers Explanation & Hints:

The CNT column, between the ST and Sensor columns, displays the frequency of alerts. Sorting by frequency gives the analyst a better sense of what has happened on the network.