a:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"QAPage\",\"mainEntity\":{\"@type\":\"Question\",\"name\":\"SPLK-5001 Exam - Question 57\",\"text\":\"An analyst investigates an IDS alert and confirms suspicious traffic to a known malicious IP. What Enterprise Security data model would they use to investigate which process initiated the network connection?\",\"answerCount\":1,\"datePublished\":\"2024-09-27T00:13:00.000Z\",\"author\":{\"@type\":\"Organization\",\"name\":\"Splunk\"},\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"\",\"datePublished\":\"2024-09-27T00:13:00.000Z\",\"upvoteCount\":1,\"author\":{\"@type\":\"Organization\",\"name\":\"Examice\"},\"url\":\"https://examice.com/forum/splunk/L4GGPuqi0j\"},\"suggestedAnswer\":[{\"@type\":\"Answer\",\"text\":\"Friends could you please confirm this answer\",\"datePublished\":\"2024-09-27T00:13:00.000Z\",\"upvoteCount\":1,\"url\":\"https://examice.com/forum/splunk/L4GGPuqi0j/#4SSX08fSmb\",\"author\":{\"@type\":\"Person\",\"name\":\"nosavotor\"}}]}}"}}],["$","div",null,{"className":"min-h-[calc(100vh_-_156px)] sm:min-h-[calc(100vh_-_166px)] flex w-full flex-col items-center bg-muted/60 sm:px-6","children":["$","div",null,{"className":"w-full max-w-[1110px] space-y-8 py-8 lg:space-y-10 lg:py-10","children":[["$","section","L4GGPuqi0j",{"className":"mx-auto space-y-8 rounded bg-white px-6 py-10 shadow-sm md:py-12","children":[["$","div",null,{"className":"group relative mx-auto max-w-[740px] overflow-hidden rounded-xl border-l-8 border-brand-active bg-gradient-to-br from-brand via-brand/95 to-brand/90 p-6 shadow-lg transition-all hover:shadow-xl","children":[["$","div",null,{"className":"absolute -right-12 -top-12 size-40 rounded-full bg-white/10 blur-3xl transition-all duration-700 group-hover:scale-125 group-hover:opacity-80"}],["$","div",null,{"className":"absolute -bottom-8 -left-8 size-24 rounded-full bg-white/5 blur-2xl transition-all duration-700 group-hover:scale-110"}],["$","div",null,{"className":"absolute left-1/2 top-1/2 size-60 -translate-x-1/2 -translate-y-1/2 rounded-full bg-white/5 opacity-0 blur-3xl transition-all duration-700 group-hover:opacity-60"}],["$","div",null,{"className":"relative flex flex-col items-center justify-between gap-6 md:flex-row","children":[["$","div",null,{"className":"flex items-center gap-x-5","children":[["$","div",null,{"className":"hidden rounded-full bg-white/15 p-3.5 shadow-inner backdrop-blur-sm transition-all duration-300 group-hover:scale-110 group-hover:bg-white/20 md:flex","children":["$","svg",null,{"width":"15","height":"15","viewBox":"0 0 15 15","fill":"none","xmlns":"http://www.w3.org/2000/svg","className":"size-6 text-white transition-transform group-hover:rotate-3","children":["$","path",null,{"d":"M3 2.5C3 2.22386 3.22386 2 3.5 2H9.08579C9.21839 2 9.34557 2.05268 9.43934 2.14645L11.8536 4.56066C11.9473 4.65443 12 4.78161 12 4.91421V12.5C12 12.7761 11.7761 13 11.5 13H3.5C3.22386 13 3 12.7761 3 12.5V2.5ZM3.5 1C2.67157 1 2 1.67157 2 2.5V12.5C2 13.3284 2.67157 14 3.5 14H11.5C12.3284 14 13 13.3284 13 12.5V4.91421C13 4.51639 12.842 4.13486 12.5607 3.85355L10.1464 1.43934C9.86514 1.15804 9.48361 1 9.08579 1H3.5ZM4.5 4C4.22386 4 4 4.22386 4 4.5C4 4.77614 4.22386 5 4.5 5H7.5C7.77614 5 8 4.77614 8 4.5C8 4.22386 7.77614 4 7.5 4H4.5ZM4.5 7C4.22386 7 4 7.22386 4 7.5C4 7.77614 4.22386 8 4.5 8H10.5C10.7761 8 11 7.77614 11 7.5C11 7.22386 10.7761 7 10.5 7H4.5ZM4.5 10C4.22386 10 4 10.2239 4 10.5C4 10.7761 4.22386 11 4.5 11H10.5C10.7761 11 11 10.7761 11 10.5C11 10.2239 10.7761 10 10.5 10H4.5Z","fill":"currentColor","fillRule":"evenodd","clipRule":"evenodd"}]}]}],["$","div",null,{"className":"flex flex-col","children":[["$","span",null,{"className":"text-center font-heading text-xl font-medium tracking-tight text-white md:text-left","children":["SPLK-5001"," Exam Questions"]}],["$","span",null,{"className":"mt-1.5 text-center text-sm text-white/90 md:text-left","children":"Browse all questions from this exam"}]]}]]}],["$","div",null,{"className":"flex items-center","children":["$","$L10",null,{"href":"/exams/splunk/splk-5001","className":"inline-flex items-center font-medium justify-center whitespace-nowrap text-sm focus-visible:outline-none focus-visible:ring-1 focus-visible:ring-ring disabled:pointer-events-none disabled:opacity-50 text-white active:bg-brand-active h-9 bg-brand-active hover:bg-white hover:text-brand-active transition-all duration-300 px-8 py-3 rounded-full shadow-md hover:shadow-lg","children":[["$","span",null,{"className":"font-medium","children":"Go to Exam"}],["$","svg",null,{"width":"15","height":"15","viewBox":"0 0 15 15","fill":"none","xmlns":"http://www.w3.org/2000/svg","className":"ml-2 size-4 transition-transform duration-300","children":["$","path",null,{"d":"M6.1584 3.13508C6.35985 2.94621 6.67627 2.95642 6.86514 3.15788L10.6151 7.15788C10.7954 7.3502 10.7954 7.64949 10.6151 7.84182L6.86514 11.8418C6.67627 12.0433 6.35985 12.0535 6.1584 11.8646C5.95694 11.6757 5.94673 11.3593 6.1356 11.1579L9.565 7.49985L6.1356 3.84182C5.94673 3.64036 5.95694 3.32394 6.1584 3.13508Z","fill":"currentColor","fillRule":"evenodd","clipRule":"evenodd"}]}]]}]}]]}]]}],["$","div",null,{"className":"mx-auto max-w-[740px] space-y-8","children":[["$","h1",null,{"className":"font-heading text-2xl font-bold text-stone-800","children":"SPLK-5001 Exam - Question 57"}],["$","hr",null,{"className":"border-stone-200"}],["$","article",null,{"className":"prose prose-sm prose-stone max-w-full md:prose-base","dangerouslySetInnerHTML":{"__html":"

An analyst investigates an IDS alert and confirms suspicious traffic to a known malicious IP. What Enterprise Security data model would they use to investigate which process initiated the network connection?

"}}]]}],[["$","fieldset",null,{"className":"prose prose-sm prose-stone mx-auto max-w-[740px] space-y-4 rounded bg-muted/60 p-4 md:prose-base","children":[["$","label","8q8Lna0nSa",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-0","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-0","name":"option-0","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["A","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

Endpoint

"}}]]}],["$","label","91eyaSiHDT",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-1","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-1","name":"option-1","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["B","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

Authentication

"}}]]}],["$","label","qq0SbzaH5D",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-2","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-2","name":"option-2","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["C","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

Network traffic

"}}]]}],["$","label","e0yDqCbLfP",{"className":"flex items-start gap-1.5 md:gap-2 p-4 rounded transition-all duration-300 cursor-pointer bg-white focus:bg-muted/50 focus:outline-none focus:ring-2 focus:ring-brand/40 has-[:checked]:bg-blue-100","htmlFor":"option-3","children":[["$","div",null,{"className":"flex items-center","children":[["$","input",null,{"type":"checkbox","id":"option-3","name":"option-3","className":"rounded-full size-3 md:size-3.5 transition-colors duration-300 appearance-none border border-gray-300 checked:bg-brand checked:border-brand focus:outline-none focus:ring-2 focus:ring-brand/40"}],["$","span",null,{"className":"ml-1.5 font-semibold md:ml-2.5","children":["D","."]}]]}],["$","div",null,{"className":"prose prose-sm prose-stone md:prose-base","dangerouslySetInnerHTML":{"__html":"

Web

"}}]]}]]}],["$","div",null,{"className":"mx-auto max-w-[740px]","children":["$","details",null,{"className":"group","children":[["$","summary",null,{"className":"flex h-10 w-fit cursor-pointer items-center justify-center gap-2 rounded-full bg-brand px-8 font-heading text-sm font-medium text-white hover:bg-brand/90","children":[["$","span",null,{"className":"group-open:hidden","children":"Show Answer"}],["$","span",null,{"className":"hidden group-open:inline","children":"Hide Answer"}]]}],["$","div",null,{"className":"prose prose-sm prose-stone mx-auto mt-4 max-w-[740px] overflow-hidden pb-6 pt-2 md:prose-base","children":[["$","span",null,{"className":"font-medium","children":"Correct Answer: "}],["$","p",null,{"children":""}]]}]]}]}]]]}],"$L28"]}]}]]

SPLK-5001 Exam - Question 57

Discussion