Match the correct relationship between the Cisco Security MARS terms and their definitions.

1. queries
2. events
3. sessions
4. incidents
5. rules

A.
a series of events that share common 5-tuple information II. a series of sessions that match a defined rule
III. tools that analyze the events and sessions and generate incidents IV. raw message sent to the Cisco Security MARS appliance by the reporting devices

B.
tools that can be run in a specific moment to investigate an incident

C.
I-3,II-4,III-5,IV-2,V-1

D.
I-3,II-4,III-5,IV-1,V-2

E.
I-3,II-4,III-2,IV-5,V-1

F.
I-3,II-4,III-2,IV-1,V-5