SPLK-1005試験無料問題集（82題）「Splunk Cloud Certified Admin 認定」

出題：1

A Splunk Cloud administrator is looking to allow a new group of Splunk users in the marketing department to access the Splunk environment and view a dashboard with relevant data. These users need to access marketing data (stored in the marketing_data index), but shouldn't be able to access other data, such as events related to security or operations.
Which approach would be the best way to accomplish these requirements?

A. Create a new role that does not inherit from any other role, turn on the same capabilities as the user role, and assign access to the marketing_data index.

B. Create a new role that inherits the admin rote and assign access to the marketing_dat.a index.

C. Create a new role that inherits the user role and remove the capability to search indexes other than marketing_data.

D. Create a new user with access to the marketing_data index assigned.

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

Which configuration shown is used to enable a forwarder as a deployment client of the server 10.1.2.3?

A. [target-broker:deploymentserver] targetUri = 10.1.2.3:8089

B. [target-broker:deploymentserver] deploymentserver = 10.1.2.3:9997

C. [target-broker:deploymentServer] targetUri = 10.1.2.3:9997

D. [target-broker:deploymentserver] deploymentserver = 10.1.2.3:8089

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which of the following methods is valid for creating index-time field extractions?

A. Create a configuration app with the index-time props.conf and/or transfoms. conf, and upload the app via UI.

B. Use the UI to create a sourcetype, specify the field name and corresponding regular expression with capture statement.

C. Use the CU app to define settings in fields.conf, and restart Splunk Cloud.

D. Use the rex command to extract the desired field, and then save as a calculated field.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

What is the name of the Splunk index that contains the most valuable information for troubleshooting a Splunk issue?

A. _monitoring

B. lastchanceindex

C. defaultdb

D. _internal

正解：D 解答を投票する

出題：5

Which of the following is not considered a best practice for the deployment server?

A. Dedicate a Splunk instance as the deployment server.

B. Create small, single-purpose deployment apps.

C. Use a Linux server as the deployment server.

D. Create large, multi-purpose deployment apps.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Consider the following configurations:

What is the value of the sourcetype property for this stanza based on Splunk's configuration file precedence?

A. access_corabined

B. linux_secure, access_combined

C. linux aacurs

D. NULL, or unset, due to configuration conflict

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which of the following are features of a managed Splunk Cloud environment?

A. Availability of premium apps, SSO integration, maximum concurrent search limit of 20.

B. Availability of premium apps, no IP address whitelisting or blacklisting, deployed in US East AWS region.

C. 20GB daily maximum data ingestion, no SSO integration, no availability of premium apps.

D. Availability of premium apps, SSO integration, IP address whitelisting and blacklisting.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Which file or folder below is not a required part of a deployment app?

A. metadata folder

B. local.meta

C. app.conf (in default or local)

D. props.conf

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

SPLK-1005試験無料問題集「Splunk Cloud Certified Admin 認定」