The Add-On Builder creates Splunk Apps that start with what?
A. DAB.
B. SAC.
C. TAD.
D. App-
TAD.
What is the maximum recommended volume of indexing per day, per indexer, for a noncloud (on-prem) ES deployment?
A. 50 GB
B. 100 GB
C. 300 GB
D. 500 MB
100 GB
Reference: https://docs.splunk.com/Documentation/ITSI/4.4.2/Install/Plan
What does the Security Posture dashboard display?
A. Active investigations and their status.
B. A high-level overview of notable events.
C. Current threats being tracked by the SOC.
D. A display of the status of security tools.
A high-level overview of notable events.
Explanation:
The Security Posture dashboard is designed to provide high-level insight into the notable
events across all domains of your deployment, suitable for display in a Security Operations
Center (SOC). This dashboard
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/SecurityPosturedashboard
What does the risk framework add to an object (user, server or other type) to indicate increased risk?
A. An urgency.
B. A risk profile.
C. An aggregation.
D. A numeric score.
A numeric score.
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/RiskScoring
The option to create a Short ID for a notable event is located where?
A. The Additional Fields.
B. The Event Details.
C. The Contributing Events.
D. The Description.
The Event Details.
Reference: https://docs.splunk.com/Documentation/ES/6.4.1/User/Takeactiononanotableevent
ES needs to be installed on a search head with which of the following options?
A. No other apps.
B. Any other apps installed.
C. All apps removed except for TA-*.
D. Only default built-in and CIM-compliant apps.
Any other apps installed.
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/Howurgencyisassigned