19.1 Splunk Dashboards and Visualizations Flashcards

1
Q

Splunk uses the _______ feature to display specific values from search results in an easy-to-read spreadsheet.

A

Splunk uses the Statistics feature to display specific values from search results in an easy-to-read spreadsheet.

2
Q

The eval command is used to _________.

A

The eval command is used to design new fields or modify existing fields.

3
Q

Designing poor alerts can cause two types of issues: ______ and ________.

A

Designing poor alerts can cause two types of issues: false positives and false negatives.

  • False positives occur when conditions are met and an alert is triggered, but the security situation being monitored did not actually occur.
  • False negatives occur when the condition is met and an alert is not triggered, meaning the security situation occurred undetected.
4
Q

_______ is a method of looking at historical data to determine how much activity is considered “normal.”

Security professionals use baselining to determine a _______.

A _______ is the condition or level that, when met, triggers an alert.

A

Baselining is a method of looking at historical data to determine how much activity is considered “normal.”

Security professionals use baselining to determine a threshold.

A threshold is the condition or level that, when met, triggers an alert.

5
Q

________ are similar to the RPM dial found in the dashboard of a car.

A

**Radial gauges** are similar to the RPM dial found in the dashboard of a car.

6
Q

Splunk can create location-specific reports with the ______ and ______ commands.

A

Splunk can create location-specific reports with the iplocation and geostats commands.

7
Q

_______ are a collection of multiple visualizations in a single location.

The visualizations are placed in different sections, called ______.

A

**Dashboards** are a collection of multiple visualizations in a single location.

The visualizations are placed in different sections, called **panels**.

8
Q

Panels can contain: (4)

A

Panels can contain:

  • Single value visualizations
  • Multiple value visualizations
  • Geographic maps
  • Statistical charts