If a username does not match the ‘identity’ column in the identities list, which column is checked next?
Correct Answer:C
Which of the following would allow an add-on to be automatically imported into Splunk Enterprise Security?
Correct Answer:D
Reference: https://dev.splunk.com/enterprise/docs/developapps/enterprisesecurity/planintegrationes/
How is it possible to navigate to the list of currently-enabled ES correlation searches?
Correct Answer:A
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Listcorrelationsearches
What kind of value is in the red box in this picture?
Correct Answer:C
Reference: https://docs.splunk.com/Documentation/Splunk/8.0.2/Data/FormateventsforHTTPEventCollector
How should an administrator add a new lookup through the ES app?
Correct Answer:D
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Createlookups
What are the steps to add a new column to the Notable Event table in the Incident Review dashboard?
Correct Answer:C
Reference: https://docs.splunk.com/Documentation/ES/6.1.0/Admin/Customizenotables