A Review Of Certified SPLK-1005 Exam Question

NEW QUESTION 1
What is the name of the time standard that is the basis for time and time zones worldwide and does not change for Daylight Saving Time (DST)?

• A. GMT
• B. UTC
• C. PST
• D. BST

Answer: B

NEW QUESTION 2
What is the default value of the LINE_BREAKER setting that splits the incoming stream of data into separate lines?

• A. Any sequence of newlines and carriage returns
• B. Any sequence of spaces and tabs
• C. Any sequence of punctuation marks
• D. Any sequence of alphanumeric characters

Answer: A

NEW QUESTION 3
What is the name of the process that breaks the stream of raw data into individual lines called events?

• A. Line breaking
• B. Event annotation
• C. Event transformation
• D. Timestamp extraction

Answer: A

NEW QUESTION 4
What is the name of the Splunk Cloud feature that allows you to perform self-service administrative tasks such as creating indexes, inputs, and roles?

• A. Admin Config Service
• B. Admin Console
• C. Admin Dashboard
• D. Admin Toolkit

Answer: A

NEW QUESTION 5
What is the name of the configuration file where you can define data transformations using regular expressions and other attributes?

• A. limits.conf
• B. props.conf
• C. inputs.conf
• D. transforms.conf

Answer: D

NEW QUESTION 6
What is the name of the Splunk Enterprise feature that provides a security data and event management (SIEM) solution that uses machine data to detect and respond to threats?

• A. Splunk Enterprise Security
• B. Splunk Enterprise Intelligence
• C. Splunk Enterprise Analytics
• D. Splunk Enterprise Monitoring

Answer: A

NEW QUESTION 7
Which command can be used to add a data input using the CLI?

• A. splunk add input
• B. splunk add monitor
• C. splunk add data
• D. splunk add source

Answer: B

NEW QUESTION 8
Which configuration file determines how a universal forwarder forwards data to the indexer?

• A. inputs.conf
• B. outputs.conf
• C. props.conf
• D. transforms.conf

Answer: B

NEW QUESTION 9
Which input type can be used to monitor Windows Registry Values for changes?

• A. WinRegMon
• B. WinRegistry
• C. WinRegValue
• D. WinRegChange

Answer: A

NEW QUESTION 10
What is the name of the tab in Splunk Web where you can set the indexes that a role can access?

• A. Inheritance
• B. Capabilities
• C. Indexes
• D. Restrictions

Answer: C

NEW QUESTION 11
What is the name of the dashboard that provides information on incoming data consumption and indexing rate for your Splunk Cloud Platform deployment?

• A. Indexing Performance
• B. Indexing Quality
• C. Indexing Status
• D. Indexing Overview

Answer: A

NEW QUESTION 12
What is the name of the option that you need to check in Splunk Web to enable LDAP authentication for your Splunk Cloud Platform deployment?

• A. LDAP
• B. External
• C. LDAP/External
• D. External/LDAP

Answer: C

NEW QUESTION 13
What is the name of the attribute that you need to set to true in the [search] stanza of the limits.conf file to enable Data Preview?

• A. timeline_events_preview
• B. data_preview_enabled
• C. show_data_preview
• D. enable_data_preview

Answer: A

NEW QUESTION 14
Which feature of forwarders can prevent data loss in case of network failure or congestion?

• A. Data compression
• B. SSL security
• C. Configurable buffering
• D. Persistent queues

Answer: D

NEW QUESTION 15
Which command can be used to install a universal forwarder on a Linux system?

• A. splunk install forwarder
• B. splunk forwarder install
• C. splunk add forward-server
• D. splunk enable boot-start

Answer: A

NEW QUESTION 16
Which feature allows a light forwarder to reduce the amount of data sent to the indexer by discarding some events or fields?

• A. Data cloning
• B. Data filtering
• C. Data sampling
• D. Data masking

Answer: C

NEW QUESTION 17
......