Question 1

Which of the following are common built-in dashboards in Splunk Enterprise Security?

Options :

A : User Activity

B : Compliance Overview

C : Threat Intelligence

D : Network Traffic Analysis

E : Asset Investigator

F : Incident Review

Answer: A,E

Question 2

Which of the following are examples of threat intelligence sources?

Options :

A : Internal incident reports

B : Commercial threat feeds

C : Open-source feeds

D : Social media platforms

Answer: A,B,C

Question 3

What are common roles in a SOC?

Options :

A : Analyst, Engineer, Architect

B : Investigator, Operator, Supervisor

C : Specialist, Coordinator, Administrator

D : Developer, Manager, Technician

Answer: A

Question 4

What term describes a coordinated network of compromised computers controlled by a single entity?

Options :

A : Router

B : Firewall

C : Botnet

D : Modem

Answer: C

Question 5

What is the purpose of adaptive response actions in Splunk Enterprise Security?

Options :

A : To generate threat intelligence reports

B : To automate incident response actions based on predefined conditions

C : To visualize security events in real-time

D :

To analyze network traffic patterns

Answer: B