Which of the following does the Hunting and Investigation Guide contain?
The Hunting and Investigation Guide is designed to assist users with threat hunting. It contains example Event Search queries specifically useful for threat hunting, providing practical tools and methods to identify potential threats effectively.
C. Example Event Search queries useful for threat hunting. I think the question (and the user guide) is focused on "threat hunting", and the keyword in answer D is "Falcon platform configuration". The question and guide are more about threat hunting, NOT the configuration. So I think C is the better answer.
I think C is the correct answer
D is not suitable here. The question is about Threat Hunting and not platform administration.
I think D is more suitable here.