The Risk Analysis dashboard provides tools to analyze the risk scores and risk modifiers of various objects, such as systems, users, hashes, and network artifacts. The dashboard shows the risk score by object, the most active sources of risk, the risk score by category, the risk score over time, and the risk modifiers by object. The dashboard also allows you to create ad hoc risk entries, view the risk details of an object, and export the risk data as a CSV file. The other options, A, B, and D, are not correct. The Risk Analysis dashboard does not provide tools to show high risk threats, notable event domains, or key indicators of correlation searches. These are features of other dashboards in Splunk Enterprise Security, such as the Threat Activity dashboard, the Domain Analysis dashboard, and the Correlation Search Audit dashboard. References =
Analyze risk in Splunk Enterprise Security
Risk Analysis dashboard
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit