ExamTopics Logo
Mail Us[email protected]
Menu
Splunk Discussions
exam questions

Exam SPLK-3001 All Questions

View all questions & answers for the SPLK-3001 exam
Go to Exam

Exam SPLK-3001 topic 1 question 69 discussion

Actual exam question from Splunk's SPLK-3001
Question #: 69
Topic #: 1
[All SPLK-3001 Questions]

Which of the following lookup types in Enterprise Security contains information about known hostile IP addresses?

  • A. Security domains.
  • B. Threat intel.
  • C. Assets.
  • D. Domains.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
Reference:
https://docs.splunk.com/Documentation/ES/6.4.1/Admin/Manageinternallookups
by bestoon at May 29, 2022, 1:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
bestoon
5 months ago
Correct answer is C. Assets lookup is where you can find IP and mac fields. Configure > Content Management > Type:Managed lookup > Assets
upvoted 1 times
bestoon
4 months, 3 weeks ago
Modifying the answer after some research. Assets lookup is the type where you can add IP addresses for your assets in your environment. Threat Intel is the type where the Known hostile IP addresses is defined. I missed the key word "known hostile ". So Correct answer should be B.
upvoted 9 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago