[Q17-Q42] SPLK-3002認定で究極のガイド [2022年更新]

SPLK-3002認定で究極のガイド [2022年更新]

SPLK-3002練習試験と学習ガイドは厳密検証された

質問 17
When changing a service template, which of the following will be added to linked services by default?

A. Thresholds.
B. Health score.
C. New KPIs.
D. Entity Rules.

正解: D

解説:
Explanation
Link multiple services to a service template to manage them collectively in IT Service Intelligence (ITSI). A service can only be linked to one service template at a time. When you link a service to a service template, any existing KPIs in the service are preserved and KPIs in the template are added to the service. You can choose to append, replace, or keep entity rules.

質問 18
Which of the following are deployment recommendations for ITSI? (Choose all that apply.)

A. Deployments should use fastest possible disk arrays for indexers.
B. Deployments require a dedicated ITSI search head.
C. Deployments may increase the number of required indexers based on the number of KPI searches.
D. Deployments often require an increase of hardware resources above base Splunk requirements.

正解: B,C,D

解説:
Explanation
You might need to increase the hardware specifications of your own Enterprise Security deployment above the minimum hardware requirements depending on your environment.
Install Splunk Enterprise Security on a dedicated search head or search head cluster.
The Splunk platform uses indexers to scale horizontally. The number of indexers required in an Enterprise Security deployment varies based on the data volume, data type, retention requirements, search type, and search concurrency.

質問 19
What are valid ITSI Glass Table editor capabilities? (Choose all that apply.)

A. Service swapping configuration.
B. Correlation search creation.
C. Creating glass tables.
D. Adding KPI metric lanes to glass tables.

正解: A,C,D

解説:
Explanation
Create a glass table to visualize and monitor the interrelationships and dependencies across your IT and business services.
The service swapping settings are saved and apply the next time you open the glass table.
You can add metrics like KPIs, ad hoc searches, and service health scores that update in real time against a background that you design. Glass tables show real-time data generated by KPIs and services.

質問 20
Which of the following is a characteristic of base searches?

A. The fewer KPIs that share a common base search, the more efficiency a base search provides, and anomaly detection is more efficient.
B. Search expression, entity splitting rules, and thresholds are configured at the base search level.
C. The base search will execute whether or not a KPI needs it.
D. It is possible to filter to entities assigned to the service for calculating the metrics for the service's KPIs.

正解: D

質問 21
Which scenario would benefit most by implementing ITSI?

A. Monitoring of system hardware.
B. Monitoring of retail sales metrics.
C. Monitoring of system process statuses
D. Monitoring of business services functionality.

正解: D

質問 22
Besides creating notable events, what are the default alert actions a correlation search can execute? (Choose all that apply.)

A. Ping a host.
B. Send email.
C. Run a script.
D. Include in RSS feed.

正解: B,C,D

解説:
Explanation
Throttling applies to any correlation search alert type, including notable events and actions (RSS feed, email, run script, and ticketing).

質問 23
What is the default importance value for dependent services' health scores?

A. 0
B. 1
C. 2
D. Unassigned

正解: B

解説:
Explanation
By default, impacting service health scores have an importance value of 11.

質問 24
Which of the following best describes a default deep dive?

A. It initially shows all the entity swim lanes.
B. It initially shows the highest importance KPIs.
C. It initially shows all of the KPIs for a selected service.
D. It initially shows the health scores for all services.

正解: A

質問 25
What effects does the KPI importance weight of 11 have on the overall health score of a service?

A. It is a minimum health indicator KPI.
B. At least 10% of the KPIs will go critical.
C. Importance weight is unused for health scoring.
D. The service will go critical.

正解: A

質問 26
When deploying ITSI on a distributed Splunk installation, which component must be installed on the search head(s)?

A. All ITSI components
B. SA-ITOA
C. SA-ITSI-Licensechecker
D. ITSI app

正解: C

解説:
Explanation
Install SA-ITSI-Licensechecker and SA-UserAccess on any license master in a distributed or search head cluster environment. If a search head in your environment is also a license master, the license master components are installed when you install ITSI on the search heads.

質問 27
Which deep dive swim lane type does not require writing SPL?

A. KPI lane.
B. Metric lane.
C. Automatic lane.
D. Event lane.

正解: C

解説:
Explanation
Among all the search configurations, automatic lane doesn't need to be written in Splunk Processing language.

質問 28
Which of the following applies when configuring time policies for KPI thresholds?

A. They are great if you expect normal behavior at 1:00 to be different than normal behavior at 5:00
B. If a person expects a KPI to change significantly through a cycle on a daily basis, don't use it.
C. It is possible for multiple time policies to overlap.
D. A person can only configure 24 policies, one for each hour of the day.

正解: C

解説:
Explanation
If you're creating multiple time policies that require the same threshold values, you can save time by copying the threshold levels and their corresponding values from one policy to another.

質問 29
Which ITSI functions generate notable events? (Choose all that apply.)

A. KPI threshold breaches.
B. KPI anomaly detection.
C. Multi-KPI alert.
D. Correlation search.

正解: A,B,D

解説:
Explanation
After you configure KPI thresholds, you can set up alerts to notify you when aggregate KPI severities change.
ITSI generates notable events in Episode Review based on the alerting rules you configure.
Anomaly detection generates notable events when a KPI IT Service Intelligence (ITSI) deviates from an expected pattern.
Notable events are typically generated by a correlation search.

質問 30
Which index contains ITSI Episodes?

A. itsi_summary
B. itsi_tracked_alerts
C. itsi_grouped_alerts
D. itsi_notable_archive

正解: D

質問 31
What is an episode?

A. A notable event.
B. A deep dive.
C. A workflow task.
D. A notable event group.

正解: A

解説:
Explanation
It's a deduplicated group of notable events occurring as part of a larger sequence, or an incident or period considered in isolation.

質問 32
What are valid considerations when designing an ITSI Service? (Choose all that apply.)

A. Backfill of a KPI should always be selected so historical data points can be used immediately and alerts based on that data can occur.
B. Services, entities, and saved searches are stored in the ITSI app, while events created by KPI execution are stored in the itsi_summary index.
C. Entities, entity meta-data, and entity rules should be planned carefully to support the service design and configuration.
D. Service access control requirements for ITSI Team Access should be considered, and appropriate teams provisioned prior to creating the ITSI Service.

正解: B,D

質問 33
Which of the following is an advantage of using adaptive time thresholds?

A. Automatically update thresholds daily to manage dynamic changes to KPI values.
B. Automatically adjust KPI calculation to manage dynamic event data.
C. Automatically adjust aggregation policy grouping to manage escalating severity.
D. Automatically adjust correlation search thresholds to adjust sensitivity over time.

正解: A

質問 34
Which index will contain useful error messages when troubleshooting ITSI issues?

A. _introspection
B. itsi_summary
C. itsi_notable_audit
D. _internal

正解: D

質問 35
What should be considered when onboarding data into a Splunk index, assuming that ITSI will need to use this data?

A. Use | stats functions in custom fields to prepare the data for KPI calculations.
B. Check if the data could leverage pre-built KPIs from modules, then use the correct TA to onboard the data.
C. Plan to build as many data models as possible for ITSI to leverage
D. Make sure that all fields conform to CIM, then use the corresponding module to import related services.

正解: B

質問 36
Which of the following accurately describes base searches used for KPIs in a service?

A. All the metrics in a base search are used by one service.
B. Base searches can be used for multiple services.
C. A base search can only be used by its service and all dependent services.
D. All the KPIs in a service use the same base search.

正解: B

解説:
Explanation
KPI base searches let you share a search definition across multiple KPIs in IT Service Intelligence (ITSI).
Create base searches to consolidate multiple similar KPIs, reduce search load, and improve search performance.

質問 37
There are two departments using ITSI. Finance and Sales. Analysts in each department should not be allowed to see each other's services. What are the role configuration steps required to accomplish this?

A. itoa_finance_admin, inherited from itoa_team_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_analyst; itoa_sales_analyst, inherited from itoa_analyst.
B. itoa_finance_admin, inherited from itoa_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_analyst; itoa_sales_analyst, inherited from itoa_team_analyst.
C. itoa_finance_admin, inherited from itoa_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_analyst; itoa_sales_analyst, inherited from itoa_analyst.
D. itoa_finance_admin, inherited from itoa_admin; itoa_sales_admin, inherited from itoa_team_admin; itoa_finance_analyst, inherited from itoa_team_analyst; itoa_sales_analyst, inherited from itoa_team_analyst.

正解: B

質問 38
......

究極のガイドはSPLK-3002最新時間限定！今すぐダウンロード！：https://www.goshiken.com/Splunk/SPLK-3002-mondaishu.html

2022年最新のな厳密検証されたSPLK-3002学習合格ガイドでベズトお試しセット：https://drive.google.com/open?id=1Qnthw89-m54ca0wgz7FPEK8QyfvpSJJb

関するブログ

もっと

SPLK-3002無料問題集