Free SPLK-3001 Exam Braindumps (page: 2)


The Add-On Builder creates Splunk Apps that start with what?

  A. DA-
  B. SA-
  C. TA-
  D. App-

Answer(s): C


Reference:

https://dev.splunk.com/enterprise/docs/developapps/enterprisesecurity/abouttheessolution/



Which of the following are examples of sources for events in the endpoint security domain dashboards?

  A. REST API invocations.
  B. Investigation final results status.
  C. Workstations, notebooks, and point-of-sale systems.
  D. Lifecycle auditing of incidents, from assignment to resolution.

Answer(s): D


Reference:

https://docs.splunk.com/Documentation/ES/6.1.0/User/EndpointProtectionDomaindashboards



When creating custom correlation searches, what format is used to embed field values in the title, description, and drill-down fields of a notable event?

  A. $fieldname$
  B. “fieldname”
  C. %fieldname%
  D. _fieldname_

Answer(s): C


Reference:

https://docs.splunk.com/Documentation/ITSI/4.4.2/Configure/Createcorrelationsearch



What feature of Enterprise Security downloads threat intelligence data from a web server?

  A. Threat Service Manager
  B. Threat Download Manager
  C. Threat Intelligence Parser
  D. Threat Intelligence Enforcement

Answer(s): B





