Splunk SPLK-3001 Exam Syllabus
Start Free SPLK-3001 Exam Practice After Reviewing the Topics
Before starting your SPLK-3001 exam preparation, it is recommended to review the complete Splunk Enterprise Security Certified Admin exam syllabus and carefully go through the exam objectives listed below. Once you understand the exam structure and objectives, you should practice using our free SPLK-3001 questions. We also provide a premium SPLK-3001 practice test, fully updated according to the latest exam objectives, to help you accurately assess your preparedness for the actual exam.
| Vendor | Exam Code | Total Questions | Total Exam Domains |
|---|---|---|---|
| Splunk | SPLK-3001 | 99 | 12 |
Splunk SPLK-3001 Exam Objectives
| Section | Weight | Objectives |
|---|---|---|
| Section 1: 1.0 ES Introduction | 5% | 1.1 Overview of ES features and concepts |
| Section 2: 2.0 Monitoring and Investigation | 10% | 2.1 Security posture; 2.2 Incident review; 2.3 Notable events management; 2.4 Investigations |
| Section 3: 3.0 Security Intelligence | 5% | 3.1 Overview of security intel tools |
| Section 4: 4.0 Forensics, Glass Tables, and Navigation Control | 10% | 4.1 Explore forensics dashboards; 4.2 Examine glass tables; 4.3 Configure navigation and dashboard permissions |
| Section 5: 5.0 ES Deployment | 10% | 5.1 Identify deployment topologies; 5.2 Examine the deployment checklist; 5.3 Understand indexing strategy for ES; 5.4 Understand ES Data Models |
| Section 6: 6.0 Installation and Configuration | 15% | 6.1 Prepare a Splunk environment for installation; 6.2 Download and install ES on a search head; 6.3 Understand ES Splunk user accounts and roles; 6.4 Post-install configuration tasks |
| Section 7: 7.0 Validating ES Data | 10% | 7.1 Plan ES inputs; 7.2 Configure technology add-ons |
| Section 8: 8.0 Custom Add-ons | 5% | 8.1 Design a new add-on for custom data; 8.2 Use the Add-on Builder to build a new add-on |
| Section 9: 9.0 Tuning Correlation Searches | 10% | 9.1 Configure correlation search scheduling and sensitivity; 9.2 Tune ES correlation searches |
| Section 10: 10.0 Creating Correlation Searches | 10% | 10.1 Create a custom correlation search; 10.2 Configuring adaptive responses; 10.3 Search export/import |
| Section 11: 11.0 Lookups and Identity Management | 5% | 11.1 Identify ES-specific lookups; 11.2 Understand and configure lookup lists |
| Section 12: 12.0 Threat Intelligence Framework | 5% | 12.1 Understand and configure threat intelligence; 12.2 Configure user activity analysis |