最新的Splunk Certified Cybersecurity Defense Analyst - SPLK-5001免費考試真題

問題1
Which of the following roles is commonly responsible for selecting and designing the infrastructure and tools that a security analyst utilizes to effectively complete their job duties?

正確答案: B
說明:(僅 VCESoft 成員可見)
問題2
Which of the following is a best practice when creating performant searches within Splunk?

正確答案: D
問題3
Which of the following is considered Personal Data under GDPR?

正確答案: C
問題4
The Security Operations team would like to track improvements after customizing dashboards to help analysts triage security alerts more efficiently. Which metric would they use?

正確答案: D
問題5
What feature of Splunk Security Essentials (SSE) allows an analyst to see a listing of current on- boarded data sources in Splunk so they can view content based on available data?

正確答案: A
說明:(僅 VCESoft 成員可見)
問題6
An analyst would like to test how certain Splunk SPL commands work against a small set of data.
What command should start the search pipeline if they wanted to create their own data instead of utilizing data contained within Splunk?

正確答案: A
問題7
A Cyber Threat Intelligence (CTI) team delivers a briefing to the CISO detailing their view of the threat landscape the organization faces. This is an example of what type of Threat Intelligence?

正確答案: A
問題8
A security analyst wants to enrich public IP addresses found within logs with the Autonomous System Number and owner of the address. What Splunk feature would enable the analyst to do this?

正確答案: D
說明:(僅 VCESoft 成員可見)
問題9
Which of the following is not considered a type of default metadata in Splunk?

正確答案: C
說明:(僅 VCESoft 成員可見)
問題10
After discovering some events that were missed in an initial investigation, an analyst determines this is because some events have an empty src field. Instead, the required data is often captured in another field called machine_name.
What SPL could they use to find all relevant events across either field until the field extraction is fixed?

正確答案: A