최신 SPLK-2002 무료덤프 - Splunk Enterprise Certified Architect

문제1

Which tool(s) can be leveraged to diagnose connection problems between an indexer and forwarder? (Select all that apply.)

A. telnet

B. tcpdump

C. splunk btool

D. splunk btprobe

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Which of the following use cases would be made possible by multi-site clustering? (select all that apply)

A. Use blockchain technology to audit search activity from geographically dispersed data centers.

B. Enable a forwarder to send data to multiple indexers.

C. Seamlessly route searches to a redundant site in case of a site failure.

D. Greatly reduce WAN traffic by preferentially searching assigned site (search affinity).

정답: C,D

설명: (DumpTOP 회원만 볼 수 있음)

문제3

Consider a use case involving firewall data. There is no Splunk-supported Technical Add-On, but the vendor has built one. What are the items that must be evaluated before installing the add-on? (Select all that apply.)

A. Identify number of scheduled or real-time searches.

B. Identify the maximum number of forwarders Technical Add-On can support.

C. Verify if Technical Add-On needs to be installed onto both a search head or indexer.

D. Validate if this Technical Add-On enables event data for a data model.

정답: A,D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

A multi-site indexer cluster can be configured using which of the following? (Select all that apply.)

A. Directly edit SPLUNK_HOME/etc./system/local/server.conf

B. Directly edit SPLUNK_HOME/etc/system/default/server.conf

C. Run a Splunk edit cluster-config command from the CLI.

D. Via Splunk Web.

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제5

An index has large text log entries with many unique terms in the raw data. Other than the raw data, which index components will take the most space?

A. Index source metadata (sources.data files).

B. Bloom filters (bloomfilter files).

C. Index files (*. tsidx files).

D. Index sourcetype metadata (SourceTypes. data files).

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Determining data capacity for an index is a non-trivial exercise. Which of the following are possible considerations that would affect daily indexing volume? (select all that apply)

A. Peak data rates.

B. Number of data sources.

C. Average size of event data.

D. Number of concurrent searches on data.

정답: A,B,C

설명: (DumpTOP 회원만 볼 수 있음)

문제7

When should multiple search pipelines be enabled?

A. Only if CPU and memory resources are significantly under-utilized.

B. Only if disk IOPS is at 800 or better.

C. Only if running Splunk Enterprise version 6.6 or later.

D. Only if there are fewer than twelve concurrent users.

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Which two sections can be expanded using the Search Job Inspector?

A. Optimization suggestions.

B. Execution costs.

C. Saved search history.

D. Search job properties.

정답: A,D

설명: (DumpTOP 회원만 볼 수 있음)

문제9

What log file would you search to verify if you suspect there is a problem interpreting a regular expression in a monitor stanza?

A. splunkd.log

B. tailing_processor.log

C. btool.log

D. metrics.log

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제10

Which Splunk internal index contains license-related events?

A. _license

B. _internal

C. _audit

D. _introspection

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

최신 SPLK-2002 무료덤프 - Splunk Enterprise Certified Architect

우리와 연락하기

유용한 링크

최신 업데이트