Splunk SPLK-1001 Exam Practice Test Instant Access

Question 1

Which of the following statements about case sensitivity is true?

ABoth field names and field values ARE case sensitive.

BField names ARE case sensitive; field values are NOT.

CField values ARE case sensitive; field names ARE NOT.

DBoth field names and field values ARE NOT case sensitive.

Answer : B

Question 2

Creating Data Models:

Fields associated with a data set are known as ______.

AAttributes

BConstraints

Answer : A

Question 3

All users by default have WRITE permission to ALL knowledge objects.

ATrue

BFalse

Answer : B

Question 4

______________ is the default web port used by Splunk.

A8089

B8000

C8080

D443

Answer : B

Question 5

Parsing of data can happen both in HF and Indexer.

AOnly HF

BNo

CYes

Answer : C

Question 6

Which statement is true about Splunk alerts?

AAlerts are based on searches that are either run on a scheduled interval or in real-time.

BAlerts are based on searches and when triggered will only send an email notification.

CAlerts are based on searches and require cron to run on scheduled interval.

DAlerts are based on searches that are run exclusively as real-time.

Answer : A

Question 7

By default search results are not returned in ________ order.

AChronological

BReverser chronological

CASCIE

DAlphabetical

Answer : A, D

Splunk SPLK-1001 Splunk Core Certified User Exam Practice Test