Splunk SPLK-5001 Exam Practice Test Instant Access

Question 1

An analyst would like to visualize threat objects across their environment and chronological risk events for a Risk Object in Incident Review. Where would they find this?

ARunning the Risk Analysis Adaptive Response action within the Notable Event.

BVia a workflow action for the Risk Investigation dashboard.

CVia the Risk Analysis dashboard under the Security Intelligence tab in Enterprise Security.

DClicking the risk event count to open the Risk Event Timeline.

Answer : D

Question 2

Outlier detection is an analysis method that groups together data points into high density clusters. Data points that fall outside of these high density clusters are considered to be what?

AInconsistencies

BBaselined

CAnomalies

DNon-conformatives

Answer : C

Question 3

The following list contains examples of Tactics, Techniques, and Procedures (TTPs):

* Exploiting a remote service

* Extend movement

* Use EternalBlue to exploit a remote SMB server

In which order are they listed below?

ATactic, Procedure, Technique

BTechnique, Tactic, Procedure

CTactic, Technique, Procedure

DProcedure, Technique, Tactic

Answer : C

Question 4

Rotating encryption keys after a security incident is most closely linked to which security concept?

AConfidentiality

BObfuscation

CIntegrity

DAvailability

Answer : A

Question 5

Which of the following is considered Personal Data under GDPR?

AThe birth date of an unidentified user.

BAn individual's address including their first and last name.

CThe name of a deceased individual.

DA company's registration number.

Answer : B

Question 6

The Lockheed Martin Cyber Kill Chain breaks an attack lifecycle into several stages. A threat actor modified the registry on a compromised Windows system to ensure that their malware would automatically run at boot time. Into which phase of the Kill Chain would this fall?

AAct on Objectives

BExploitation

CDelivery

DInstallation

Answer : D

Question 7

Which metric would track improvements in analyst efficiency after dashboard customization?

AMean Time to Detect

BMean Time to Respond

CRecovery Time

DDwell Time

Answer : B

Splunk Certified Cybersecurity Defense Analyst SPLK-5001 Exam Practice Test