Which of the following options is most likely to help performance?
A customer site is experiencing poor performance. The UI response time is high and searches take a very long time to run. Some operations time out and there are errors in the scheduler logs, indicating too many concurrent searches are being started. 6 total correlation searches are scheduled and they...
Which of the following is an adaptive action that is configured by default for ES?
A. Create notable event
B. Create new correlation search
C. Create investigation
D. Create new asset
Answer: B
If a username does not match the ‘identity’ column in the identities list, which column is checked next?
A. Email.
B. Nickname
C. IP address.
D. Combination of Last Name, First Name.
Answer: A
What is the first step when preparing to install ES?
A. Install E
C. Determine the data sources used.
D. Determine the hardware required.
E. Determine the size and scope of installation.
Answer: D
Where should an ES search head be installed?
A. On a Splunk server with top level visibility.
B. On any Splunk server.
C. On a server with a new install of Splunk.
D. On a Splunk server running Splunk DB Connect.
Answer: B
Explanation: Reference: https://docs.splunk.com/Documentation/ES/6.4.1/Admin/Export
What is the bar across the bottom of any ES window?
A. The Investigator Workbench.
B. The Investigation Bar.
C. The Analyst Bar.
D. The Compliance Bar.
Answer: B
Explanation: Reference: https://docs.splunk.com/Documentation/ES/6.4.1/User/Startaninvestigation
How is it possible to navigate to the ES graphical Navigation Bar editor?
A. Configure -> Navigation Menu
B. Configure -> General -> Navigation
C. Settings -> User Interface -> Navigation -> Click on “Enterprise Security”
D. Settings -> User Interface -> Navigation Menus -> Click on “default” next to...
What are adaptive responses triggered by?
A. By correlation searches and users on the incident review dashboard.
B. By correlation searches and custom tech add-ons.
C. By correlation searches and users on the threat analysis dashboard.
D. By custom tech add-ons and users on the risk analysis dashboard.
Answer: D
Which of the following steps will make the Threat Activity dashboard the default landing page in ES?
A. From the Edit Navigation page, drag and drop the Threat Activity view to the top of the page.
B. From the Preferences menu for the user, select Enterprise Security as the default...
The Add-On Builder creates Splunk Apps that start with what?
A. DA-
B. SA-
C. TA-
D. App-
Answer: C
Explanation: Reference: https://dev.splunk.com/enterprise/docs/developapps/enterprisesecurity/abouttheessolution/