SPLK-1003 Free Practice Test

The universal forwarder has which capabilities when sending data? (Select all that apply.)

1. A. Sending alerts
2. B. Compressing data
3. C. Obfuscating/hiding data
4. D. Indexer acknowledgement

Correct Answer: D
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Forwarding/Typesofforwarders

Which optional configuration setting in inputs.conf allows you to selectively forward the data to specific indexer(s)?

1. A. _TCP_ROUTING
2. B. _INDEXER_LIST
3. C. _INDEXER_GROUP
4. D. _INDEXER_ROUTING

Correct Answer: A
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/Monitorfilesanddirectorieswithinputs.conf

Which Splunk forwarder type allows parsing of data before forwarding to an indexer?

1. A. Universal forwarder
2. B. Parsing forwarder
3. C. Heavy forwarder
4. D. Advanced forwarder

Correct Answer: C
Reference: https://docs.splunk.com/Documentation/SplunkCloud/7.2.6/Forwarding/Typesofforwarders

Which option accurately describes the purpose of the HTTP Event Collector (HEC)?

1. A. A token-based HTTP input that is secure and scalable and that requires the use of forwarders.
2. B. A token-based HTTP input that is secure and scalable and that does not require the use of forwarders.
3. C. An agent-based HTTP input that is secure and scalable and that does not require the use of forwarders.
4. D. A token-based HTTP input that is insecure and non-scalable and that does not require the use of forwarders.

Correct Answer: B
Reference: http://dev.splunk.com/view/event-collector/SP-CAAAE6M

User role inheritance allows what to be inherited from the parent role? (Select all that apply.)

1. A. Parents
2. B. Capabilities
3. C. Index access
4. D. Search history

Correct Answer: B
Reference: https://docs.splunk.com/Documentation/Splunk/7.3.1/Security/Aboutusersandroles#How_users_inherit_capabilities