최신 SPLK-2003 무료덤프 - Splunk Phantom Certified Admin

문제1

What is the default embedded search engine used by Phantom?

A. Embedded Django search engine.

B. Embedded Phantom search engine.

C. Embedded Elastic search engine.

D. Embedded Splunk search engine.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which of the following roles is appropriate for a Splunk SOAR account that will only be used to execute automated tasks?

A. Automation

B. Non-Human

C. Service Account

D. Automation Engineer

정답: A

문제3

Without customizing container status within SOAR, what are the three types of status for a container?

A. Low, Medium, High

B. New, In Progress, Closed

C. New, Open, Resolved

D. Low, Medium, Critical

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제4

If the SOAR New status is removed and replaced by In Progress, what status is shown for containers that had the new status before the replacement?

A. New

B. In Progress

C. In Progress

D. New

정답: B

문제5

On the Splunk search head, when configuring the app to search SOAR searchable content, what are the two requirements to complete the app setup?

A. User accounts and universal forwarder.

B. User accounts and REST API.

C. User accounts and syslog.

D. User accounts and an HTTP Event Collector token.

정답: B

문제6

How can a child playbook access the parent playbook's action results?

A. The parent can create an artifact with the data needed by the did.

B. By setting scope to ALL when starting the child.

C. Child playbooks can access parent playbook data while the parent Is still running.

D. When configuring the playbook block in the parent, add the desired results in the Scope parameter.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

If no data matches any filter conditions, what is the next block run by the playbook?

A. The filter block.

B. The next block.

C. The start block.

D. The end block.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which of the following actions will store a compressed, secure version of an email attachment with suspected malware for future analysis?

A. Use the Files tab on the Investigation page to upload the attachment.

B. Use the Upload action of the Secure Store app to store the file in the database.

C. Add a link to the file in a new artifact.

D. Copy/paste the attachment into a note.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What are indicators?

A. Action results that may appear in multiple containers.

B. Action result items that determine the flow of execution in a playbook.

C. Artifact values with special security significance.

D. Artifact values that can appear in multiple containers.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제10

When working with complex datapaths, which operator is used to access a sub-element inside another element?

A. * (asterisk)

B. : (colon)

C. . (dot)

D. | (pipe)

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

최신 SPLK-2003 무료덤프 - Splunk Phantom Certified Admin

우리와 연락하기

유용한 링크

최신 업데이트