Splunk Practice Questions

Download the Buttercup data for use in Splunk for the following questions.

Q1: Refer to the Splunk analysis. How many accesses were made by a "Chrome" browser with a "GET" method request (Hint - "chrome" AND method=GET):

Select one:

  • 6,109
  • 28,408
  • 20,775
  • 3,542

The correct answer is: 20,775

Q2: Refer to the Splunk analysis. For data analysis, how many sources are there:

Select one:

  • 3
  • 4
  • 8
  • 10

The correct answer is: 4

Q3: Refer to the Splunk analysis. For access*, which is the 3rd top IP address for successful purchases (Hint: sourcetype=access* status=200 action=purchase | top limit=1 clientip):

Select one:

  • 107.3.146.207
  • 194.215.205.19
  • 87.194.216.51
  • 211.166.11.101
  • 128.241.220.82

The correct answer is: 87.194.216.51

Q4: Refer to the Splunk analysis. For access*, which is the number of successful purchases for the 1st most popular IP address (Hint: sourcetype=access* status=200 action=purchase | top limit=1 clientip):

Select one:

  • 33
  • 10
  • 134
  • 45
  • 95

The correct answer is: 95

Q5: Refer to the Splunk analysis. When was the peak in accesses by a "Chrome" browser or a "POST" method request (Hint - "chrome" OR method=POST):

Select one:

  • 19 April
  • 22 April
  • 21 April
  • 20 April

The correct answer is: 21 April

Q6: Refer to the Splunk analysis. How many accesses are there from a Chrome browser (Hint: "chrome"):

Select one:

  • 9,651
  • 37,346
  • 42,001
  • 14,786

The correct answer is: 42,001

Q7: Refer to the Splunk analysis for access*.log. How many STRATEGY games have been successfully purchased (Hint - categoryId=STRATEGY action=purchase status=200):

Select one:

  • 367
  • 493
  • 245
  • 246
  • 806

The correct answer is: 246

Q8: Refer to the Splunk analysis. By examining the vendor_sales log, which vendor has generated the least sales (Hint: sourcetype="vendor*" and mine for VendorID):

Select one:

  • 9115
  • 1225
  • 1192
  • 1060

The correct answer is: 1060

Q9: Refer to the Splunk analysis for access*.log. How many SIMULATION games have been successfully purchased (Hint - categoryId=TEE action=purchase status=200):

Select one:

  • 367
  • 245
  • 493
  • 246
  • 806

The correct answer is: 806

Q10: Refer to the Splunk analysis for access*.log. For an HTTP GET request, which is the most popular return code [Hint - sourcetype="access*" method="GET"| top limit=20 status]:

Select one:

  • 500 (Internal server error)
  • 408 (Request timeout)
  • 400 (Bad request)
  • 406 (Not acceptable)
  • 200 (OK)
  • 404 (File not found)

The correct answer is: 200 (OK)