This type of integration workflow helps retrieve a list of active network connections from a host or endpoint, so it can be used to enrich incidents during investigation.
A.
Security Incident Response – Get Running Services
B.
Security Incident Response – Get Network Statistics
C.
Security Operations Integration – Sightings Search
D.
Security Operations Integration – Block Request
The Get Network Statistics capability retrieves a list of active network connections from a host or endpoint. It can be used for incident enrichment during investigations. This capability is triggered automatically when a configuration item is added to a security incident....https://www.servicenow.com/docs/bundle/xanadu-security-management/page/product/security-operations-common/concept/get-network-statistics-capability.html
Explanation: ebook p.147, Get Network Statistics: REtrieves a list of active netowkr connections from an endpoint or host, This capability is used for incident nerichment during investigations.
This section is not available anymore. Please use the main Exam Page.CIS-SIR Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
NokoNice
4 months agoDukeCheckem
11 months agoSazeka
1 year agoSazeka
1 year agosephereth
1 year, 3 months agoMrBravo
9 months agoSazeka
1 year ago