The Add-On Builder creates Splunk Apps that start with what?
Correct Answer:
C
Reference: https://dev.splunk.com/enterprise/docs/developapps/enterprisesecurity/abouttheessolution/
An administrator wants to ensure that none of the ES indexed data could be compromised through tampering. What feature would satisfy this requirement?
Correct Answer:
B
Reference: https://answers.splunk.com/answers/790783/anti-tampering-features-to-protect-splunk-logs-the.html
Which data model populated the panels on the Risk Analysis dashboard?
Correct Answer:
A
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/RiskAnalysis#Dashboard_panels
In order to include an eventtype in a data model node, what is the next step after extracting the correct fields?
Correct Answer:
C
Reference: https://docs.splunk.com/Documentation/CIM/4.15.0/User/UsetheCIMtonormalizeOSSECdata
The Brute Force Access Behavior Detected correlation search is enabled and is generating many false positives. Assuming the input data has already been validated, how can the correlation search be made less sensitive?
Correct Answer:
B
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/Howurgencyisassigned