ExamGecko
Search Search Login
Home Home / Splunk / SPLK-3002
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following are the default ports that must be configured on Splunk to use ITSI?
There are two departments using ITSI. Finance and Sales. Analysts in each department should not be allowed to see each other's services. What are the role configuration steps required to accomplish this?
Which of the following statements is accurate when using multiple policies?
When in maintenance mode, which of the following is accurate?
Besides creating notable events, what are the default alert actions a correlation search can execute? (Choose all that apply.)
ITSI Saved Search Scheduling is configured to use realtime_schedule = 0. Which statement is accurate about this configuration?
When troubleshooting KPI search performance, which search names in job activity identify base searches?
Which of the following is a good use case for creating a custom module?
When working with a notable event group in the Notable Events Review dashboard, which of the following can be set at the individual or group level?
There are two Smart Mode configuration settings that control how fields affect grouping. Which of these is correct?

Question 89 - SPLK-3002 discussion

Report
Export

Which of the following items describe ITSI teams? (select all that apply)

A.
Teams should have itoa admin roles added with read-only permissions for services and entities.
Answers
A.
Teams should have itoa admin roles added with read-only permissions for services and entities.
B.
Services should be assigned to the 'global' team if all users need access to it.
Answers
B.
Services should be assigned to the 'global' team if all users need access to it.
C.
By default, all services are owned by the built-in 'global' team and administered by the 'itoa_admin' role.
Answers
C.
By default, all services are owned by the built-in 'global' team and administered by the 'itoa_admin' role.
D.
A new team admin role should be created for each team. The new role should inherit the 'itoa_team_admin' role.
Answers
D.
A new team admin role should be created for each team. The new role should inherit the 'itoa_team_admin' role.
Suggested answer: B, C, D

Explanation:

In Splunk IT Service Intelligence (ITSI), teams are used to organize services, KPIs, and other objects within ITSI to facilitate access control and management:

B) Services should be assigned to the 'global' team if all users need access to it: The 'global' team in ITSI is a built-in concept that denotes universal accessibility. Assigning services to the 'global' team makes them accessible to all ITSI users, irrespective of their specific team memberships. This is useful for services that are relevant across the entire organization.

C) By default, all services are owned by the built-in 'global' team and administered by the 'itoa_admin' role: This default setting ensures that upon creation, services are accessible to administrators and can be further re-assigned or refined for access by specific teams as needed.

D) A new team admin role should be created for each team. The new role should inherit the 'itoa_team_admin' role: This best practice allows for granular access control and management within teams. Each team can have its own administrators with the appropriate level of access and permissions tailored to the needs of that team, derived from the capabilities of the 'itoa_team_admin' role.

The concept of adding 'itoa admin roles' with read-only permissions contradicts the typical use case for administrative roles, which usually require more than read-only access to manage services and entities effectively.

Show Answer
asked 23/09/2024
Gopakumar Nair
39 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms