Splunk SPLK-5001 Practice Test - Questions Answers, Page 4


Question 31

What device typically sits at a network perimeter to detect command and control and other potentially suspicious traffic?

A. Host-based firewall
B. Web proxy
C. Endpoint Detection and Response
D. Intrusion Detection System

Suggested answer: D
asked 23/09/2024 by mohammed rafiuddin

Question 32

Upon investigating a report of a web server becoming unavailable, the security analyst finds that the web server's access log has the same log entry millions of times:

147.186.119.200 - - [28/Jul/2023:12:04:13 -0300] 'GET /login/ HTTP/1.0' 200 3733

What kind of attack is occurring?

A. Denial of Service Attack
B. Distributed Denial of Service Attack
C. Cross-Site Scripting Attack
D. Database Injection Attack

Suggested answer: B
asked 23/09/2024 by Rui Afonso

Question 33

According to David Bianco's Pyramid of Pain, which indicator type is least effective when used in continuous monitoring?

A. Domain names
B. TTPs
C. Network/host artifacts
D. Hash values

Suggested answer: D
asked 23/09/2024 by Susanne Hughes

Question 34

Splunk Enterprise Security has numerous frameworks to create correlations, integrate threat intelligence, and provide a workflow for investigations. Which framework raises the threat profile of individuals or assets to allow identification of people or devices that perform an unusual amount of suspicious activities?

A. Threat Intelligence Framework
B. Risk Framework
C. Notable Event Framework
D. Asset and Identity Framework

Suggested answer: B
asked 23/09/2024 by Vinayak H

Question 35

While the top command is utilized to find the most common values contained within a field, a Cyber Defense Analyst hunts for anomalies. Which of the following Splunk commands returns the least common values?

A. least
B. uncommon
C. rare
D. base

Suggested answer: C
asked 23/09/2024 by Mahendra Belgaonkar

Question 36

The Lockheed Martin Cyber Kill Chain breaks an attack lifecycle into several stages. A threat actor modified the registry on a compromised Windows system to ensure that their malware would automatically run at boot time. Into which phase of the Kill Chain would this fall?

A. Act on Objectives
B. Exploitation
C. Delivery
D. Installation

Suggested answer: D
asked 23/09/2024 by Mohamed Hany

Question 37

A Risk Notable Event has been triggered in Splunk Enterprise Security; an analyst investigates the alert and determines it is a false positive. What metric would be used to define the time between alert creation and close of the event?

A. MTTR (Mean Time to Respond)
B. MTBF (Mean Time Between Failures)
C. MTTA (Mean Time to Acknowledge)
D. MTTD (Mean Time to Detect)

Suggested answer: A
asked 23/09/2024 by Leon Duke

Question 38

An analyst needs to create a new field at search time. Which Splunk command will dynamically extract additional fields as part of a Search pipeline?

A. rex
B. fields
C. regex
D. eval

Suggested answer: A
asked 23/09/2024 by Nicolas Da Silva

Question 39

Which of the following is considered Personal Data under GDPR?


Question 40

What goal of an Advanced Persistent Threat (APT) group aims to disrupt or damage on behalf of a cause?

Total 66 questions