
Splunk SPLK-3001 Exam Syllabus

Start Free SPLK-3001 Exam Practice After Reviewing the Topics

Before starting your SPLK-3001 exam preparation, review the complete Splunk Enterprise Security Certified Admin exam syllabus and go through the exam objectives listed below. Once you understand the exam structure and objectives, you should practice using our free SPLK-3001 questions. We also provide a premium SPLK-3001 practice test, fully updated according to the latest exam objectives, to help you accurately assess your preparedness for the actual exam.

Vendor: Splunk
Exam Code: SPLK-3001
Total Questions: 99
Total Exam Domains: 12


Splunk SPLK-3001 Exam Objectives

Section 1: 1.0 ES Introduction
Weight: 5%
1.1 Overview of ES features and concepts
Section 2: 2.0 Monitoring and Investigation
Weight: 10%
2.1 Security posture
2.2 Incident review
2.3 Notable events management
2.4 Investigations
Section 3: 3.0 Security Intelligence
Weight: 5%
3.1 Overview of security intel tools
Section 4: 4.0 Forensics, Glass Tables, and Navigation Control
Weight: 10%
4.1 Explore forensics dashboards
4.2 Examine glass tables
4.3 Configure navigation and dashboard permissions
Section 5: 5.0 ES Deployment
Weight: 10%
5.1 Identify deployment topologies
5.2 Examine the deployment checklist
5.3 Understand indexing strategy for ES
5.4 Understand ES Data Models
Section 6: 6.0 Installation and Configuration
Weight: 15%
6.1 Prepare a Splunk environment for installation
6.2 Download and install ES on a search head
6.3 Understand ES Splunk user accounts and roles
6.4 Post-install configuration tasks
Section 7: 7.0 Validating ES Data
Weight: 10%
7.1 Plan ES inputs
7.2 Configure technology add-ons
Section 8: 8.0 Custom Add-ons
Weight: 5%
8.1 Design a new add-on for custom data
8.2 Use the Add-on Builder to build a new add-on
Section 9: 9.0 Tuning Correlation Searches
Weight: 10%
9.1 Configure correlation search scheduling and sensitivity
9.2 Tune ES correlation searches
Section 10: 10.0 Creating Correlation Searches
Weight: 10%
10.1 Create a custom correlation search
10.2 Configuring adaptive responses
10.3 Search export/import
Section 11: 11.0 Lookups and Identity Management
Weight: 5%
11.1 Identify ES-specific lookups
11.2 Understand and configure lookup lists
Section 12: 12.0 Threat Intelligence Framework
Weight: 5%
12.1 Understand and configure threat intelligence
12.2 Configure user activity analysis