Free SPLK-3001 Exam Braindumps

Pass your Splunk Enterprise Security Certified Admin exam with these free questions and answers

Page 4 of 20
QUESTION 11

Which of the following threat intelligence types can ES download? (Choose all that apply)

  A. Text
  B. STIX/TAXII
  C. VulnScanSPL
  D. SplunkEnterpriseThreatGenerator

Correct Answer: B
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Downloadthreatfeed

QUESTION 12

An administrator is asked to configure an “Nslookup” adaptive response action, so that it appears as a selectable option in the notable event’s action menu when an analyst is working in the Incident Review dashboard. What steps would the administrator take to configure this option?

  A. Configure -> Content Management -> Type: Correlation Search -> Notable -> Nslookup
  B. Configure -> Type: Correlation Search -> Notable -> Recommended Actions -> Nslookup
  C. Configure -> Content Management -> Type: Correlation Search -> Notable -> Next Steps -> Nslookup
  D. Configure -> Content Management -> Type: Correlation Search -> Notable -> Recommended Actions -> Nslookup

Correct Answer: D

QUESTION 13

To observe what network services are in use in a network’s activity overall, which of the following dashboards in Enterprise Security will contain the most relevant data?

  A. Intrusion Center
  B. Protocol Analysis
  C. User Intelligence
  D. Threat Intelligence

Correct Answer: A
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/NetworkProtectionDomaindashboards

QUESTION 14

What does the risk framework add to an object (user, server or other type) to indicate increased risk?

  A. An urgency.
  B. A risk profile.
  C. An aggregation.
  D. A numeric score.

Correct Answer: C
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/User/RiskScoring

QUESTION 15

What is the first step when preparing to install ES?

  A. Install ES.
  B. Determine the data sources used.
  C. Determine the hardware required.
  D. Determine the size and scope of installation.

Correct Answer: D
