312-49v11 Exam Question 1
You are conducting an investigation of fraudulent claims in an insurance company that involves complex text searches through large numbers of documents. Which of the following tools would allow you to quickly and efficiently search for a string within a file on the bitmap image of the target computer?
312-49v11 Exam Question 2
When investigating a computer forensics case where Microsoft Exchange and BlackBerry Enterprise Server are used, where would the investigator need to search to find email sent from a BlackBerry device?
312-49v11 Exam Question 3
Which of the following attacks allows an attacker to access restricted directories, including application source code, configuration and critical system files, and to execute commands outside of the web server's root directory?
312-49v11 Exam Question 4
Data is striped at a byte level across multiple drives and parity information is distributed among all member drives.

What RAID level is represented here?

312-49v11 Exam Question 5
A major financial institution recently observed an unusually high number of failed login attempts on a critical server. The security analyst uses Splunk Enterprise Security (ES) to investigate the logs and suspects a possible brute-force attack. After examining the Windows Event Viewer logs, the analyst detects a series of event ID 4625 (failed logins) and event ID 4624 (successful logins).
Which of the following SIEM features would be MOST beneficial for the analyst to accurately pinpoint the source of the potential attack and investigate it further?