ExamTopics Logo
Mail Us[email protected]
Menu
Splunk Discussions
exam questions

Exam SPLK-3003 All Questions

View all questions & answers for the SPLK-3003 exam
Go to Exam

Exam SPLK-3003 topic 1 question 38 discussion

Actual exam question from Splunk's SPLK-3003
Question #: 38
Topic #: 1
[All SPLK-3003 Questions]

A customer has implemented their own Role Based Access Control (RBAC) model to attempt to give the Security team different data access than the Operations team by creating two new Splunk roles "" security and operations. In the srchIndexesAllowed setting of authorize.conf, they specified the network index under the security role and the operations index under the operations role. The new roles are set up to inherit the default user role.
If a new user is created and assigned to the operations role only, which indexes will the user have access to search?

  • A. operations, network, _internal, _audit
  • B. operations
  • C. No Indexes
  • D. operations, network
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Vin1118 at Jan. 15, 2021, 10:09 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Vin1118
Highly Voted 3 years, 6 months ago
I think D. By default, user have access to all non-internal indexes
upvoted 10 times
...
SplunkStreamer
Most Recent 2 months, 2 weeks ago
Selected Answer: D
D, by default the user role has access to all non-internal indexes.
upvoted 1 times
...
da_stingo
1 year ago
Selected Answer: B
I am really struggling with your answers, boys. When I look up the users role which comes preinstalled with every splunk install by default, I do NOT see that users have access to all non-indexes. Do you have another source of truth for answering this question beside looking of the role info page showing which index the role is allowed to search?
upvoted 1 times
da_stingo
1 year ago
never mind. i found it :/
upvoted 1 times
...
da_stingo
1 year ago
*non-internal-indexes
upvoted 1 times
...
...
spl_bonn
1 year, 8 months ago
Selected Answer: D
D is the correct one. user role is by default has access to all non-internal indexes
upvoted 1 times
...
ranga19
1 year, 10 months ago
D ,By default, user have access to all non-internal indexes.
upvoted 1 times
...
huu_nguyen
1 year, 10 months ago
Selected Answer: D
D is the one, by default, the user does have access to all non-internal indexes but not to internal indexes
upvoted 1 times
...
Redtonyeah
2 years, 1 month ago
D is OK
upvoted 1 times
...
nutsu
2 years, 9 months ago
answer D, default user role not see internal index and default see non-internal index
upvoted 2 times
...
simplekindaman
3 years, 5 months ago
Agreed... answer is D, for reason Vin1118 mentions
upvoted 1 times
...
tico2k
3 years, 5 months ago
The correct answer is D
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel