What is the tool that has alert records linked directly to the search functionality of the Enterprise Log Search and Archive (ELSA)?
- Sguil
- Wireshark
- CapME
- Snort
Explanation: The Enterprise Log Search and Archive (ELSA) is an enterprise-level tool for searching and archiving NSM data. Because ELSA's search functionality is directly linked to Sguil alert records, searches can be executed by pivoting from Sguil to ELSA.
Exam with this question: CCNA Cyber Ops Chapter 12 Exam Answers