SPLK-3001 Splunk Enterprise Security Admin Exam
Practice these questions and boost your confidence to take the exam.
This course is built for students who are ready to take the Splunk Enterprise Security Certified Admin certification.
Splunk Enterprise Security Certified Admin Exam Description:
The Splunk Enterprise Security (ES) Certified Admin exam is the final step towards the completion of the Splunk ES Certified Admin certification. This app-specific certification exam is a 57-minute, 66-question assessment that evaluates a candidate’s knowledge and skills in the installation, configuration, and management of Splunk Enterprise Security. Candidates can expect an additional 3 minutes to review the exam agreement, for a total seat time of 60 minutes.
1.0 ES Introduction 5%
2.0 Monitoring and Investigation 10%
3.0 Security Intelligence 5%
4.0 Forensics, Glass Tables, and Navigation Control 10%
5.0 ES Deployment 10%
6.0 Installation and Configuration 15%
7.0 Validating ES Data 10%
8.0 Custom Add-ons 5%
9.0 Tuning Correlation Searches 10%
10.0 Creating Correlation Searches 10%
11.0 Lookups and Identity Management 5%
12.0 Threat Intelligence Framework 5%