Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CS > Investigate App > Flashcards

Investigate App Flashcards

1
Q

Search by Host Name or Agent ID

A

Host Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Recommended range is 3 days

A

Host Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Local IP

A

Host Info

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Product Type

A

Host Info

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Model

A

Host Info

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

File Name

A

Detect History

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Scenario

A

Detect History

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Description of the detection

A

Detect History

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Logon Activities (30 days)

A

User Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Detect History (30 days)

A

User Search (also Hash Search)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Unresolved Detects (7 days)

A

User Search (also Hash Search)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Process Executions

A

User Search (also Hash Search)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Admin Tool Usage

A

User Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Files written such as JAR, OLE, OOXML, PDF, RAR, RTF, ZIP and dumps

A

User Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Search for multiple space-delimited hashes

A

Hash Execution Search

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Provides a summary of files that have been loaded or executed and the number of times those actions have occurred.

A

Hash Execution Search

17
Q

Search by hash across all OSs

A

Hash Search

18
Q

search by hash for exe and DLLs, not PDF or Doc

A

Hash Search

19
Q

Hash written history for sha 256 only

A

Hash Search

20
Q

Module Load History

A

Hash Search

21
Q

Process Execution History

A

Hash Search (also User Search)

22
Q

Detect history (14 days)

A

Hash Search (also User Search)

23
Q

Unresolved detects (7 days)

A

Hash Search (also User Search)

24
Q

search for host info by Source IP, Destination IP or External IP

25
Search by 192.* OR CIDR
IP Search
26
search for detect and process execution history involving a domain or list of domains
Bulk Domain Search
27
allows you to use * goo* and search up to 100 domains at a time
Bulk Domain Search
28
Includes reports and searches to view data collected from endpoints, uses splunk query language
Event Search

CS (18 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions