최신 SPLK-2002 무료덤프 - Splunk Enterprise Certified Architect

문제1

Before users can use a KV store, an admin must create a collection. Where is a collection is defined?

A. collections.conf

B. kvcollections.conf

C. collection.conf

D. kvstore.conf

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제2

When adding or decommissioning a member from a Search Head Cluster (SHC), what is the proper order of operations?

A. 1. Delete Splunk Enterprise, if it exists.2. Install and initialize the instance.3. Join the SHC.

B. 1. Install and initialize the instance.2. Delete Splunk Enterprise, if it exists.3. Join the SHC.

C. 1. Trigger replication.2. Remove master node from cluster.3. Initialize cluster rebalance operation.

D. 1. Initialize cluster rebalance operation.2. Remove master node from cluster.3. Trigger replication.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Splunk configuration parameter settings can differ between multiple .conf files of the same name contained within different apps. Which of the following directories has the highest precedence?

A. System local directory.

B. App default directories, in ASCII order.

C. App local directories, in ASCII order.

D. System default directory.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제4

A search head cluster with a KV store collection can be updated from where in the KV store collection?

A. The search head cluster captain.

B. The KV store primary search head.

C. Any search head in the cluster.

D. Any search head except the captain.

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

A Splunk user successfully extracted an ip address into a field called src_ip. Their colleague cannot see that field in their search results with events known to have src_ip. Which of the following may explain the problem? (Select all that apply.)

A. The colleague did not explicitly use the field in the search and the search was set to Fast Mode.

B. The events are tagged as communicate, but are missing the network tag.

C. The field was extracted as a private knowledge object.

D. The Typing Queue, which does regular expression replacements, is blocked.

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Search dashboards in the Monitoring Console indicate that the distributed deployment is approaching its capacity. Which of the following options will provide the most search performance improvement?

A. Replace the indexer storage to solid state drives (SSD).

B. Add more search heads and redistribute users based on the search type.

C. Look for slow searches and reschedule them to run during an off-peak time.

D. Add more search peers and make sure forwarders distribute data evenly across all indexers.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

Which of the following are possible causes of a crash in Splunk? (select all that apply)

A. Insufficient memory.

B. Incorrect ulimit settings.

C. Insufficient disk IOPS.

D. Running out of disk space.

정답: A,B,C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

What log file would you search to verify if you suspect there is a problem interpreting a regular expression in a monitor stanza?

A. splunkd.log

B. tailing_processor.log

C. btool.log

D. metrics.log

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제9

If .delta replication fails during knowledge bundle replication, what is the fall-back method for Splunk?

A. .delta replication.

B. .Restart splunkd.

C. Restart mongod.

D. .bundle replication.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which command is used for thawing the archive bucket?

A. Splunk dbinspect

B. Splunk rebuild

C. Splunk convert

D. Splunk collect

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

최신 SPLK-2002 무료덤프 - Splunk Enterprise Certified Architect

우리와 연락하기

유용한 링크

최신 업데이트