ExamTopics Logo
Mail Us[email protected]
Menu
Splunk Discussions
exam questions

Exam SPLK-3001 All Questions

View all questions & answers for the SPLK-3001 exam
Go to Exam

Exam SPLK-3001 topic 1 question 96 discussion

Actual exam question from Splunk's SPLK-3001
Question #: 96
Topic #: 1
[All SPLK-3001 Questions]

A security manager has been working with the executive team on long-range security goals. A primary goal for the team is to improve managing user risk in the organization. Which of the following ES features can help identify users accessing inappropriate web sites?

  • A. Make sure the Authentication data model contains up-to-date events and is properly accelerated.
  • B. Configuring user and website watchlists so the User Activity dashboard will highlight unwanted user actions.
  • C. Configuring the identities lookup with user details to enrich notable event information for forensic analysis.
  • D. Use the Access Anomalies dashboard to identify unusual protocols being used to access corporate sites.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by fuchi_pixel at Jan. 20, 2024, 8:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
fuchi_pixel
9 months, 4 weeks ago
Selected Answer: B
B is correct. Pag. 283 "Watchlisting Identities" - "Administering Splunk ES 7.1"
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago