SPLK-5001無料問題集「Splunk Certified Cybersecurity Defense Analyst」

質問 1

Which of the following is considered Personal Data under GDPR?

（A）An individual's address including their first and last name.

（B）A company's registration number.

（C）The birth date of an unidentified user.

（D）The name of a deceased individual.

正解：A 解答を投票する

質問 2

Which of the following is a correct Splunk search that will return results in the most performant way?

（A）index=foo host=i-478619733 | stats range(_time) as duration by src_ip | bin duration span=5min | stats count by duration, host

（B）| stats range(_time) as duration by src_ip | index=foo host=i-478619733 | bin duration span=5min | stats count by duration, host

（C）index=foo host=i-478619733 | transaction src_ip |stats count by host

（D）index=foo | transaction src_ip |stats count by host | search host=i-478619733

正解：A 解答を投票する

質問 3

What goal of an Advanced Persistent Threat (APT) group aims to disrupt or damage on behalf of a cause?

（A）Hacktivism

（B）Financial gain

（C）Prestige

（D）Cyber espionage

正解：A 解答を投票する

質問 4

An analyst is not sure that all of the potential data sources at her company are being correctly or completely utilized by Splunk and Enterprise Security. Which of the following might she suggest using, in order to perform an analysis of the data types available and some of their potential security uses?

（A）SOAR

（B）Splunk ITSI

（C）Security Essentials

（D）Splunk Intelligence Management

正解：C 解答を投票する

質問 5

A Risk Rule generates events on Suspicious Cloud Share Activity and regularly contributes to confirmed incidents from Risk Notables. An analyst realizes the raw logs these events are generated from contain information which helps them determine what might be malicious.
What should they ask their engineer for to make their analysis easier?

（A）Add this information to the risk message.

（B）Create another detection for this information.

（C）Allowlist more events based on this information.

（D）Create a field extraction for this information.

正解：D 解答を投票する

質問 6

A threat hunter generates a report containing the list of users who have logged in to a particular database during the last 6 months, along with the number of times they have each authenticated. They sort this list and remove any user names who have logged in more than 6 times. The remaining names represent the users who rarely log in, as their activity is more suspicious. The hunter examines each of these rare logins in detail.
This is an example of what type of threat-hunting technique?

（A）Time Series Analysis

（B）Co-Occurrence Analysis

（C）Outlier Frequency Analysis

（D）Least Frequency of Occurrence Analysis

正解：D 解答を投票する

質問 7

While the top command is utilized to find the most common values contained within a field, a Cyber Defense Analyst hunts for anomalies. Which of the following Splunk commands returns the least common values?

（A）base

（B）least

（C）rare

（D）uncommon

正解：C 解答を投票する

SPLK-5001 無料問題集「Splunk Certified Cybersecurity Defense Analyst」

弊社を連絡する

関連リンク

トップ試験