ExamGecko
Search Search Login
Home Home / Splunk / SPLK-3001

Splunk SPLK-3001 Practice Test - Questions Answers, Page 5

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Where are attachments to investigations stored?
Where should an ES search head be installed?
Where is the Add-On Builder available from?
Which data model populated the panels on the Risk Analysis dashboard?
Where is it possible to export content, such as correlation searches, from ES?
What feature of Enterprise Security downloads threat intelligence data from a web server?
After data is ingested, which data management step is essential to ensure raw data can be accelerated by a Data Model and used by ES?
When using distributed configuration management to create the Splunk_TA_ForIndexers package, which three files can be included?
When ES content is exported, an app with a .spl extension is automatically created. What is the best practice when exporting and importing updates to ES content?
Which settings indicated that the correlation search will be executed as new events are indexed?

Question 41

Report
Export
Collapse

If a username does not match the ‘identity’ column in the identities list, which column is checked next?

A.
Email.
A.
Email.
Answers
B.
Nickname
B.
Nickname
Answers
C.
IP address.
C.
IP address.
Answers
D.
Combination of Last Name, First Name.
D.
Combination of Last Name, First Name.
Answers
Suggested answer: A

Question 42

Report
Export
Collapse

Which of the following features can the Add-on Builder configure in a new add-on?

A.
Expire data.
A.
Expire data.
Answers
B.
Normalize data.
B.
Normalize data.
Answers
C.
Summarize data.
C.
Summarize data.
Answers
D.
Translate data.
D.
Translate data.
Answers
Suggested answer: B

Explanation:

Reference: https://docs.splunk.com/Documentation/AddonBuilder/3.0.1/UserGuide/Overview

Question 43

Report
Export
Collapse

What is the maximum recommended volume of indexing per day, per indexer, for a non-cloud (onprem) ES deployment?

A.
50 GB
A.
50 GB
Answers
B.
100 GB
B.
100 GB
Answers
C.
300 GB
C.
300 GB
Answers
D.
500 MB
D.
500 MB
Answers
Suggested answer: B

Explanation:

Reference: https://docs.splunk.com/Documentation/ITSI/4.4.2/Install/Plan

Question 44

Report
Export
Collapse

ES needs to be installed on a search head with which of the following options?

A.
No other apps.
A.
No other apps.
Answers
B.
Any other apps installed.
B.
Any other apps installed.
Answers
C.
All apps removed except for TA-*.
C.
All apps removed except for TA-*.
Answers
D.
Only default built-in and CIM-compliant apps.
D.
Only default built-in and CIM-compliant apps.
Answers
Suggested answer: D

Explanation:

Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Install/InstallEnterpriseSecurity

Question 45

Report
Export
Collapse

Which settings indicated that the correlation search will be executed as new events are indexed?

A.
Always-On
A.
Always-On
Answers
B.
Real-Time
B.
Real-Time
Answers
C.
Scheduled
C.
Scheduled
Answers
D.
Continuous
D.
Continuous
Answers
Suggested answer: C

Explanation:

Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Configurecorrelationsearches

Question 46

Report
Export
Collapse

Where are attachments to investigations stored?

A.
KV Store
A.
KV Store
Answers
B.
notable index
B.
notable index
Answers
C.
attachments.csv lookup
C.
attachments.csv lookup
Answers
D.
<splunk_home>/etc/apps/SA-Investigations/default/ui/views/attachments
D.
<splunk_home>/etc/apps/SA-Investigations/default/ui/views/attachments
Answers
Suggested answer: A

Explanation:

Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Manageinvestigations

Question 47

Report
Export
Collapse

Which data model populated the panels on the Risk Analysis dashboard?

A.
Risk
A.
Risk
Answers
B.
Audit
B.
Audit
Answers
C.
Domain analysis
C.
Domain analysis
Answers
D.
Threat intelligence
D.
Threat intelligence
Answers
Suggested answer: A

Explanation:

Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/RiskAnalysis#Dashboard_panels

Question 48

Report
Export
Collapse

How is it possible to navigate to the ES graphical Navigation Bar editor?

A.
Configure -> Navigation Menu
A.
Configure -> Navigation Menu
Answers
B.
Configure -> General -> Navigation
B.
Configure -> General -> Navigation
Answers
C.
Settings -> User Interface -> Navigation -> Click on “Enterprise Security”
C.
Settings -> User Interface -> Navigation -> Click on “Enterprise Security”
Answers
D.
Settings -> User Interface -> Navigation Menus -> Click on “default” next to SplunkEnterpriseSecuritySuite
D.
Settings -> User Interface -> Navigation Menus -> Click on “default” next to SplunkEnterpriseSecuritySuite
Answers
Suggested answer: B

Explanation:

Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/

Customizemenubar#Restore_the_default_navigation

Question 49

Report
Export
Collapse

An administrator is provisioning one search head prior to installing ES. What are the reference minimum requirements for OS, CPU, and RAM for that machine?

A.
OS: 32 bit, RAM: 16 MB, CPU: 12 cores
A.
OS: 32 bit, RAM: 16 MB, CPU: 12 cores
Answers
B.
OS: 64 bit, RAM: 32 MB, CPU: 12 cores
B.
OS: 64 bit, RAM: 32 MB, CPU: 12 cores
Answers
C.
OS: 64 bit, RAM: 12 MB, CPU: 16 cores
C.
OS: 64 bit, RAM: 12 MB, CPU: 16 cores
Answers
D.
OS: 64 bit, RAM: 32 MB, CPU: 16 cores
D.
OS: 64 bit, RAM: 32 MB, CPU: 16 cores
Answers
Suggested answer: C

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/8.0.2/Capacity/Referencehardware

Question 50

Report
Export
Collapse

What tools does the Risk Analysis dashboard provide?

A.
High risk threats.
A.
High risk threats.
Answers
B.
Notable event domains displayed by risk score.
B.
Notable event domains displayed by risk score.
Answers
C.
A display of the highest risk assets and identities.
C.
A display of the highest risk assets and identities.
Answers
D.
Key indicators showing the highest probability correlation searches in the environment.
D.
Key indicators showing the highest probability correlation searches in the environment.
Answers
Suggested answer: C

Explanation:

Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/RiskAnalysis

Total 99 questions
Go to page: of 10
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms