SPLK-1005試験無料問題集（82題）「Splunk Cloud Certified Admin 認定」

出題：1

How are HTTP Event Collector (HEC) tokens configured in a managed Splunk Cloud environment?

A. Obtain a token from the organization's application developers and apply it in Settings > Data Inputs > HTTP Event Collector > New Token.

B. Any token will be accepted by HEC, the data may just end up in the wrong index.

C. A token is generated when configuring a HEC input, which should be provided to the application developers.

D. Open a support case for each new data input and a token will be provided.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

When creating a new index, which of the following is true about archiving expired events?

A. Store expired events in private AWS-based storage.

B. Archive some expired events from an index and discard others.

C. Expired events cannot be archived.

D. Store expired events on-prem using your own storage systems.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which of the following is a correct statement about Universal Forwarders?

A. The Universal Forwarder must be able to contact the license master.

B. A Universal Forwarder must connect to Splunk Cloud via a Heavy Forwarder.

C. A Universal Forwarder can be an Intermediate Forwarder.

D. The default output bandwidth is 500KBps.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

In what scenarios would transforms.conf be used?

A. Per-Event Sourcetype, Per-Event Host Name, Per-Event Index Routing

B. Per-Event Sourcetype, Per-Event Index Routing, Applying Event Types

C. Per-Event Index Routing, Applying Event Types, SEOCMD operations

D. Per-Event Host Name, Per-Event Index Rooting, SEDCMD operations

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Where can an administrator download the Splunk Cloud Universal Forwarder credentials package?

A. Universal Forwarder app in the Splunk Cloud search head.

B. Cloud Monitoring Console forwarder drop-down.

C. Splunkbase.

D. Splunk Support.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Files from multiple systems are being stored on a centralized log server. The files are organized into directories based on the original server they came from. Which of the following is a recommended approach for correctly setting the host values based on their origin?

A. Set host = * in the monitor stanza.

B. The host value cannot be dynamically set.

C. Use the host segment, setting.

D. Manually create a separate monitor stanza for each host, with the nose = value set.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

What is a private app?

A. An app where only a specific role has read and write access.

B. An app that is created and used only by a specific organization.

C. An app where only a specific role has read access.

D. An app that is only viewable by a specific user.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Which of the following are default Splunk Cloud user roles?

A. can delete, users, admin

B. apps, power, sc_admin

C. power, user, admin

D. must_delete, power, sc_admin

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

SPLK-1005試験無料問題集「Splunk Cloud Certified Admin 認定」