Splunk Enterprise Security Certified Admin — Question 20

Adaptive response action history is stored in which index?

Answer options

• A. cim_modactions
• B. modular_history
• C. cim_adaptiveactions
• D. modular_action_history

Correct answer: A

Explanation

The correct answer is A, cim_modactions, as it specifically stores the history of adaptive response actions. The other options do not pertain to adaptive response action history, with some being related to modular actions or history but not specifically for adaptive responses.