Splunk Enterprise Security Certified Admin — Question 94
Which of the following are data models used by ES? (Choose all that apply.)
Answer options
- A. Web
- B. Anomalies
- C. Authentication
- D. Network Traffic
Correct answer: B
Explanation
The correct answer is B, as 'Anomalies' refers specifically to a data model used in Elastic Security (ES) for detecting irregular patterns. The other options, while relevant in different contexts, do not represent data models used by ES.