You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" Splunk Certified Admin Practice Test 3 "
0 of 65 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
Splunk Certified Admin
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking on “View Answers” option. Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Answered
Review
Question 1 of 65
1. Question
Which of the following are supported configuration methods to add inputs on a forwarder? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 2 of 65
2. Question
This file has been manually created on a universal forwarder: /opt/splunkforwarder/etc/apps/my_TA/local/inputs.conf [monitor:///var/log/messages] sourcetype=syslog index=syslog A new Splunk admin comes in and connects the universal forwarders to a deployment server and deploys the same app with a new inputs.conf file: /opt/splunk/etc/deployment-apps/my_TA/local/inputs.conf [monitor:///var/log/maillog] sourcetype=maillog index=syslog Which file is now monitored?
Correct
Incorrect
Unattempted
Question 3 of 65
3. Question
In which Splunk configuration is the SEDCMD used?
Correct
Incorrect
Unattempted
Question 4 of 65
4. Question
In case of a conflict between a whitelist and a blacklist input setting, which one is used?
Correct
Incorrect
Unattempted
Question 5 of 65
5. Question
Which Splunk component consolidates the individual results and prepares reports in a distributed environment?
Correct
Incorrect
Unattempted
Question 6 of 65
6. Question
User role inheritance allows what to be inherited from the parent role? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 7 of 65
7. Question
Where should apps be located on the deployment server that the clients pull from?
Correct
Incorrect
Unattempted
Question 8 of 65
8. Question
Which Splunk component requires a Forwarder license?
Correct
Incorrect
Unattempted
Question 9 of 65
9. Question
Which Splunk forwarder type allows parsing of data before forwarding to an indexer?
Correct
Incorrect
Unattempted
Question 10 of 65
10. Question
Which parent directory contains the configuration files in Splunk?
Correct
Incorrect
Unattempted
Question 11 of 65
11. Question
During search time, which directory of configuration files has the highest precedence?
Correct
Incorrect
Unattempted
Question 12 of 65
12. Question
Which setting in indexes.conf allows data retention to be controlled by time?
Correct
Incorrect
Unattempted
Question 13 of 65
13. Question
When running the command shown below, what is the default path in which deploymentserver.conf is created? splunk set deploy-poll deployServer:port
Correct
Incorrect
Unattempted
Question 14 of 65
14. Question
The priority of layered Splunk configuration files depends on the fileÕs:
Correct
Incorrect
Unattempted
Question 15 of 65
15. Question
What is required when adding a native user to Splunk? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 16 of 65
16. Question
What options are available when creating custom roles? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 17 of 65
17. Question
Which of the following statements describe deployment management? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 18 of 65
18. Question
Which Splunk component distributes apps and certain other configuration updates to search head cluster members?
Correct
Incorrect
Unattempted
Question 19 of 65
19. Question
Where are license files stored?
Correct
Incorrect
Unattempted
Question 20 of 65
20. Question
What are the required stanza attributes when configuring the transforms.conf to manipulate or remove events?
Correct
Incorrect
Unattempted
Question 21 of 65
21. Question
Which of the following are methods for adding inputs in Splunk? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 22 of 65
22. Question
Which of the following are required when defining an index in indexes.conf? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 23 of 65
23. Question
Which layers are involved in Splunk configuration file layering? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 24 of 65
24. Question
In which scenario would a Splunk Administrator want to enable data integrity check when creating an index?
Correct
Incorrect
Unattempted
Question 25 of 65
25. Question
Which of the following authentication types requires scripting in Splunk?
Correct
Incorrect
Unattempted
Question 26 of 65
26. Question
Local user accounts created in Splunk store passwords in which file?
Correct
Incorrect
Unattempted
Question 27 of 65
27. Question
What type of data is counted against the Enterprise license at a fixed 150 bytes per event?
Correct
Incorrect
Unattempted
Question 28 of 65
28. Question
When deploying apps, which attribute in the forwarder management interface determines the apps that clients install?
Correct
Incorrect
Unattempted
Question 29 of 65
29. Question
When deploying apps, which attribute in the forwarder management interface determines the apps that clients install?
Correct
Incorrect
Unattempted
Question 30 of 65
30. Question
How do you remove missing forwarders from the Monitoring Console?
Correct
Incorrect
Unattempted
Question 31 of 65
31. Question
Which of the following indexes come pre-configured with Splunk Enterprise?
Correct
Incorrect
Unattempted
Question 32 of 65
32. Question
What hardware attribute would you need to be changed to increase the number of simultaneous searches (ad-hoc and scheduled) on a single search head?
Correct
Incorrect
Unattempted
Question 33 of 65
33. Question
Which authentication methods are natively supported within Splunk Enterprise?
Correct
Incorrect
Unattempted
Question 34 of 65
34. Question
Which of the following statements describe deployment management? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 35 of 65
35. Question
Which Splunk component performs indexing and responds to search requests from the search head?
Correct
Incorrect
Unattempted
Question 36 of 65
36. Question
In which phase of the index time process does the license metering occur?
Correct
Incorrect
Unattempted
Question 37 of 65
37. Question
When running the command shown below, what is the default path in which deploymentserver.conf is created? splunk set deploy-poll deployServer:port
Correct
Incorrect
Unattempted
Question 38 of 65
38. Question
Which option accurately describes the purpose of the HTTP Event Collector (HEC)?
Correct
Incorrect
Unattempted
Question 39 of 65
39. Question
Which parent directory contains the configuration files in Splunk?
Correct
Incorrect
Unattempted
Question 40 of 65
40. Question
During search time, which directory of configuration files has the highest precedence?
Correct
Incorrect
Unattempted
Question 41 of 65
41. Question
This file has been manually created on a universal forwarder: /opt/splunkforwarder/etc/apps/my_TA/local/inputs.conf [monitor:///var/log/messages] sourcetype=syslog index=syslog A new Splunk admin comes in and connects the universal forwarders to a deployment server and deploys the same app with a new inputs.conf file: /opt/splunk/etc/deployment-apps/my_TA/local/inputs.conf [monitor:///var/log/maillog] sourcetype=maillog index=syslog Which file is now monitored?
Correct
Incorrect
Unattempted
Question 42 of 65
42. Question
Which of the following is a valid distributed search group?
Correct
Incorrect
Unattempted
Question 43 of 65
43. Question
Where should apps be located on the deployment server that the clients pull from?
Correct
Incorrect
Unattempted
Question 44 of 65
44. Question
Which Splunk component requires a Forwarder license?
Correct
Incorrect
Unattempted
Question 45 of 65
45. Question
Which of the following are supported options when configuring optional network inputs?
Correct
Incorrect
Unattempted
Question 46 of 65
46. Question
How often does Splunk recheck the LDAP server?
Correct
Incorrect
Unattempted
Question 47 of 65
47. Question
Which of the following are methods for adding inputs in Splunk? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 48 of 65
48. Question
Which Splunk component does a search head primarily communicate with?
Correct
Incorrect
Unattempted
Question 49 of 65
49. Question
$SPLUNK_HOME/etc/users/authentication.conf Newline Character
Correct
Incorrect
Unattempted
Question 50 of 65
50. Question
Where are license files stored?
Correct
Incorrect
Unattempted
Question 51 of 65
51. Question
Which of the following are required when defining an index in indexes.conf? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 52 of 65
52. Question
In case of a conflict between a whitelist and a blacklist input setting, which one is used?
Correct
Incorrect
Unattempted
Question 53 of 65
53. Question
How would you configure your distsearch.conf to allow you to run the search below? sourcetype=access_combined status=200 action=purchase splunk_server_group=HOUSTON
Correct
Incorrect
Unattempted
Question 54 of 65
54. Question
When configuring monitor inputs with whitelists or blacklists, what is the supported method of filtering the lists?
Correct
Incorrect
Unattempted
Question 55 of 65
55. Question
Which Splunk component consolidates the individual results and prepares reports in a distributed environment?
Correct
Incorrect
Unattempted
Question 56 of 65
56. Question
Within props.conf, which stanzas are valid for data modification? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 57 of 65
57. Question
You update a props.conf file while Splunk is running. You do not restart Splunk and you run this command: splunk btool props list Ðdebug. What will the output be?
Correct
Incorrect
Unattempted
Question 58 of 65
58. Question
Which forwarder type can parse data prior to forwarding?
Correct
Incorrect
Unattempted
Question 59 of 65
59. Question
In which phase of the index time process does the license metering occur?
Correct
Incorrect
Unattempted
Question 60 of 65
60. Question
Where can scripts for scripted inputs reside on the host file system? (Select all that apply.)
Correct
Incorrect
Unattempted
Question 61 of 65
61. Question
What are the minimum required settings when creating a network input in Splunk?
Correct
Incorrect
Unattempted
Question 62 of 65
62. Question
To set up a network input in Splunk, what needs to be specified?
Correct
Incorrect
Unattempted
Question 63 of 65
63. Question
Which optional configuration setting in inputs.conf allows you to selectively forward the data to specific indexer(s)?
Correct
Incorrect
Unattempted
Question 64 of 65
64. Question
Which of the following enables compression for universal forwarders in outputs.conf?
Correct
Incorrect
Unattempted
Question 65 of 65
65. Question
How does the Monitoring Console monitor forwarders?
Correct
Incorrect
Unattempted
Use Page numbers below to navigate to other practice tests
