Refer to the exhibit. Which field in the Sguil event window indicates the number of times an event is detected for the same source and destination IP address?

Refer to the exhibit. Which field in the Sguil event window indicates the number of times an event is detected for the same source and destination IP address?

• Pr
• CNT
• AlertID
• ST

Explanation: The CNT field indicates the number of times an event is detected from the same source and destination IP address. Having a high number of events can indicated a problem with event signatures.

Exam with this question: CCNA Cyber Ops Practice Final Exam Answers
Exam with this question: CyberOps Associate Final Exam Answers
Exam with this question: Checkpoint Exam: Evaluating Security Alerts Answers