How is it possible to navigate to the list of currently-enabled ES correlation searches?
A. Configure -> Correlation Searches -> Select Status “Enabled”
B. Settings -> Searches, Reports, and Alerts -> Filter by Name of “Correlation”
C. Configure -> Content Management -> Select Type “Correlation” and Status “Enabled”
D. Settings...
Which of the following are the default ports that must be configured for Splunk Enterprise Security to function?
A. SplunkWeb (8068), Splunk Management (8089), KV Store (8000)
B. SplunkWeb (8390), Splunk Management (8323), KV Store (8672)
C. SplunkWeb (8000), Splunk Management (8089), KV Store (8191)
D. SplunkWeb (8043), Splunk Management...
How would the admin restrict these users from being able to change the status of Resolved notable events to closed?
Following the installation of ES, an admin configured users with the ess_user role the ability to close notable events. How would the admin restrict these users from being able to change the status of Resolved notable events to closed?
A. From the Status Configuration window select the Resolved status....
Adaptive response action history is stored in which index?
A. cim_modactions
B. modular_history
C. cim_adaptiveactions
D. modular_action_history
Answer: A
Explanation: Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Install/Indexes
What is the first step when preparing to install ES?
A. Install E
C. Determine the data sources used.
D. Determine the hardware required.
E. Determine the size and scope of installation.
Answer: D
After managing source types and extracting fields, which key step comes next in the Add-On Builder?
A. Validate and package
B. Configure data collection.
C. Create alert actions.
D. Map to data models.
Answer: D
Which of the following actions can improve overall search performance?
A. Disable indexed real-time search.
B. Increase priority of all correlation searches.
C. Reduce the frequency (schedule) of lower-priority correlation searches.
D. Add notable event suppressions for correlation searches with high numbers of false positives.
Answer: A
Where is it possible to export content, such as correlation searches, from ES?
A. Content exporter
B. Configure -> Content Management
C. Export content dashboard
D. Settings Menu -> ES -> Export
Answer: B
Explanation: Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Export
If a username does not match the ‘identity’ column in the identities list, which column is checked next?
A. Email.
B. Nickname
C. IP address.
D. Combination of Last Name, First Name.
Answer: C
Which dashboards will now be supported so analysts can view and analyze network Stream data?
Analysts have requested the ability to capture and analyze network traffic data. The administrator has researched the documentation and, based on this research, has decided to integrate the Splunk App for Stream with ES. Which dashboards will now be supported so analysts can view and analyze network Stream data?
A. ...