최신 SPLK-2003 무료덤프 - Splunk Phantom Certified Admin

문제1

A new project requires event data from SOAR to be sent to an external system via REST. All events with the label notable that are in new status should be sent. Which of the following REST Django expressions will select the correct events?

A.

B.

C.

D.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Within the 12A2 design methodology, which of the following most accurately describes the last step?

A. List of the apps used by the playbook.

B. List of the outputs of the playbook design.

C. List of the actions of the playbook design.

D. List of the data needed to run the playbook.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제3

What are the components of the I2A2 design methodology?

A. Inputs, Interactions, Actions, Artifacts

B. Inputs, Interactions, Actions, Assets

C. Inputs, Interactions, Apps, Artifacts

D. Inputs, Interactions, Actions, Apps

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

Which of the following cannot be marked as evidence in a container?

A. Note

B. Comment

C. Action result

D. Artifact

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Some of the playbooks on the Phantom server should only be executed by members of the admin role. How can this rule be applied?

A. Make sure the Execute Playbook capability is removed from al roles except admin.

B. Add a filter block to al restricted playbooks that Titters for runRole - "Admin''.

C. Add a tag with restricted access to the restricted playbooks.

D. Place restricted playbooks in a second source repository that has restricted access.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which of the following will show all artifacts that have the term results in a filePath CEF value?

A. .../result/artifact?_query_cef_filepath_icontains=''results

B. .../result/artifacts/cef/filePath= '%results%''

C. ...rest/artifacts/filePath=''%results%''

D. .../rest/artifact?_filter_cef_filePath_icontain=''results''

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

A filter block with only one condition configured which states: artifact.*.cef .sourceAddress !- , would permit which of the following data to pass forward to the next block?

A. Null IP addresses

B. Null values

C. Non-null IP addresses

D. Non-null destinationAddresses

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제8

A user has written a playbook that calls three other playbooks, one after the other. The user notices that the second playbook starts executing before the first one completes. What is the cause of this behavior?

A. The first playbook is performing poorly.

B. Incorrect Join configuration on the second playbook.

C. Synchronous execution has not been configured.

D. The steep option for the second playbook is not set to a long enough interval.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which is the primary system requirement that should be increased with heavy usage of the file vault?

A. Amount of memory.

B. Amount of storage.

C. Bandwidth of network.

D. Number of processors.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

When writing a custom function that uses regex to extract the domain name from a URL, a user wants to create a new artifact for the extracted domain. Which of the following Python API calls will create a new artifact?

A. phantom. update ()

B. phantom.add_artifact ()

C. phantom.new_artifact ()

D. phantom.create_artifact ()

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

최신 SPLK-2003 무료덤프 - Splunk Phantom Certified Admin

우리와 연락하기

유용한 링크

최신 업데이트