SPLK-2002 Actual Exam Questions

Last updated on Dec. 15, 2024.
Vendor:Splunk
Exam Code:SPLK-2002
Exam Name:Splunk Enterprise Certified Architect
Exam Questions:90
 

Topic 1 - Single Topic

Question #1 Topic 1

Which of the following will cause the greatest reduction in disk size requirements for a cluster of N indexers running Splunk Enterprise Security?

  • A. Setting the cluster search factor to N-1.
  • B. Increasing the number of buckets per index.
  • C. Decreasing the data model acceleration range.
  • D. Setting the cluster replication factor to N-1.
Reveal Solution Hide Solution   Discussion   14

Correct Answer: A 🗳️

Question #2 Topic 1

Stakeholders have identified high availability for searchable data as their top priority. Which of the following best addresses this requirement?

  • A. Increasing the search factor in the cluster.
  • B. Increasing the replication factor in the cluster.
  • C. Increasing the number of search heads in the cluster.
  • D. Increasing the number of CPUs on the indexers in the cluster.
Reveal Solution Hide Solution   Discussion   11

Correct Answer: A 🗳️

Question #3 Topic 1

Search dashboards in the Monitoring Console indicate that the distributed deployment is approaching its capacity. Which of the following options will provide the most search performance improvement?

  • A. Replace the indexer storage to solid state drives (SSD).
  • B. Add more search heads and redistribute users based on the search type.
  • C. Look for slow searches and reschedule them to run during an off-peak time.
  • D. Add more search peers and make sure forwarders distribute data evenly across all indexers.
Reveal Solution Hide Solution   Discussion   8

Correct Answer: D 🗳️

Question #4 Topic 1

A Splunk architect has inherited the Splunk deployment at Buttercup Games and end users are complaining that the events are inconsistently formatted for a web sourcetype. Further investigation reveals that not all web logs flow through the same infrastructure: some of the data goes through heavy forwarders and some of the forwarders are managed by another department.
Which of the following items might be the cause for this issue?

  • A. The search head may have different configurations than the indexers.
  • B. The data inputs are not properly configured across all the forwarders.
  • C. The indexers may have different configurations than the heavy forwarders.
  • D. The forwarders managed by the other department are an older version than the rest.
Reveal Solution Hide Solution   Discussion   10

Correct Answer: C 🗳️

file Viewing page 1 out of 23 pages.
Viewing questions 1-4 out of 90 questions
Next Questions
Browse atleast 50% to increase passing rate cup
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago