QUESTION: 21

What does the Security Posture dashboard display?

Active investigations and their status.
A high-level overview of notable events.
Current threats being tracked by the SO
A display of the status of security tools.

Answer(s): B

Explanation:

The Security Posture dashboard is designed to provide high-level insight into the notable events across all domains of your deployment, suitable for display in a Security Operations Center (SOC). This dashboard shows all events from the past 24 hours, along with the trends over the past 24 hours, and provides real-time event information and updates.

Reference:

https://docs.splunk.com/Documentation/ES/6.1.0/User/SecurityPosturedashboard

Reveal Solution Next Question

QUESTION: 22

“10.22.63.159”, “websvr4”, and “00:26:08:18: CF:1D” would be matched against what in ES?

A user.
A device.
An asset.
An identity.

Answer(s): B

Reveal Solution Next Question

QUESTION: 23

How should an administrator add a new lookup through the ES app?

Upload the lookup file in Settings -> Lookups -> Lookup Definitions
Upload the lookup file in Settings -> Lookups -> Lookup table files
Add the lookup file to /etc/apps/SplunkEnterpriseSecuritySuite/lookups
Upload the lookup file using Configure -> Content Management -> Create New Content -> Managed Lookup

Answer(s): D

Reference:

https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Createlookups

Reveal Solution Next Question

QUESTION: 24

Glass tables can display static images and text, the results of ad-hoc searches, and which of the following objects?

Lookup searches.
Summarized data.
Security metrics.
Metrics store searches.

Answer(s): C

Reference:

https://docs.splunk.com/Documentation/ES/6.1.0/User/CreateGlassTable

Reveal Solution Next Question

Free SPLK-3001 Exam Braindumps (page: 7)

QUESTION: 21

Explanation:

Reference:

QUESTION: 22

QUESTION: 23

Reference:

QUESTION: 24

Reference:

SPLK-3001 Discussions & Posts