SPLK-1003 Online Practice Questions and Answers
Which of the following are supported configuration methods to add inputs on a forwarder? (select all that apply)
A. CLI
B. Edit inputs . conf
C. Edit forwarder.conf
D. Forwarder Management
What is the correct order of steps in Duo Multifactor Authentication?
A. 1 Request Login
2. Connect to SAML server
3 Duo MFA
4 Create User session
5 Authentication Granted 6. Log into Splunk
B. 1. Request Login 2 Duo MFA
3. Authentication Granted 4 Connect to SAML server
5.
Log into Splunk
6.
Create User session
C. 1 Request Login 2 Check authentication / group mapping 3 Authentication Granted
4.
Duo MFA
5.
Create User session
6.
Log into Splunk
D. 1 Request Login 2 Duo MFA
3. Check authentication / group mapping
4 Create User session
5. Authentication Granted
6 Log into Splunk
Which Splunk indexer operating system platform is supported when sending logs from a Windows universal forwarder?
A. Any OS platform
B. Linux platform only
C. Windows platform only.
D. None of the above.
Which of the following indexes come pre-configured with Splunk Enterprise? (select all that apply)
A. _license
B. _lnternal
C. _external
D. _thefishbucket
Which of the following apply to how distributed search works? (select all that apply)
A. The search head dispatches searches to the peers
B. The search peers pull the data from the forwarders.
C. Peers run searches in parallel and return their portion of results.
D. The search head consolidates the individual results and prepares reports
Which authentication methods are natively supported within Splunk Enterprise? (select all that apply)
A. LDAP
B. SAML
C. RADIUS
D. Duo Multifactor Authentication
Which is a valid stanza for a network input?
A. [udp://172.16.10.1:9997] connection = dns sourcetype = dns
B. [any://172.16.10.1:10001] connection_host = ip sourcetype = web
C. [tcp://172.16.10.1:9997] connection_host = web sourcetype = web
D. [tcp://172.16.10.1:10001] connection_host = dns sourcetype = dns
In a distributed environment, which Splunk component is used to distribute apps and configurations to the other Splunk instances?
A. Indexer
B. Deployer
C. Forwarder
D. Deployment server
How is a remote monitor input distributed to forwarders?
A. As an app.
B. As a forward.conf file.
C. As a monitor.conf file.
D. As a forwarder monitor profile.
How is data handled by Splunk during the input phase of the data ingestion process?
A. Data is treated as streams.
B. Data is broken up into events.
C. Data is initially written to disk.
D. Data is measured by the license meter.
Which of the following statements accurately describes using SSL to secure the feed from a forwarder?
A. It does not encrypt the certificate password.
B. SSL automatically compresses the feed by default.
C. It requires that the forwarder be set to compressed=true.
D. It requires that the receiver be set to compression=true.
What is the default value of LINE_BREAKER?
A. \r\n
B. ([\r\n]+)
C. \r+\n+
D. (\r\n+)
What are the values for host and index for [stanza1] used by Splunk during index time, given the following configuration files?
A. host=server1 index=unixinfo
B. host=server1 index=searchinfo
C. host=searchsvr1 index=searchinfo
D. host=unixsvr1 index=unixinfo
Using the CLI on the forwarder, how could the current forwarder to indexer configuration be viewed?
A. splunk btool server list --debug
B. splunk list forward-indexer
C. splunk list forward-server
D. splunk btool indexes list --debug
A new forwarder has been installed with a manually created deploymentclient.conf.
What is the next step to enable the communication between the forwarder and the deployment server?
A. Restart Splunk on the deployment server.
B. Enable the deployment client in Splunk Web under Forwarder Management.
C. Restart Splunk on the deployment client.
D. Wait for up to the time set in the phoneHomeIntervalInSecs setting.
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
• 6000+ PDF and VCE exam dumps
• 6000+ Free demo downloads available
• 50+ Preparation Labs
• 20+ Representatives Providing 24/7 Support
Copyright © 2004-2024 certbus.com, All Rights Reserved.