New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Sure Pass Exam SPLK-2003 PDF

Page: 4 / 8
Question 16

Which of the following queries would return all artifacts that contain a SHA1 file hash?

Options:

A.

https:// /rest/artifact?_filter_cef_md5_insull=false

B.

https:// /rest/artifact?_filter_cef_Shal_contains=””

C.

https:// /rest/artifact?_filter_cef_shal_insull=False

D.

https:// /rest/artifact?_filter_shal__insull=False

Question 17

How can an individual asset action be manually started?

Options:

A.

With the > action button in the analyst queue page.

B.

By executing a playbook in the Playbooks section.

C.

With the > action button in the Investigation page.

D.

With the > asset button in the asset configuration section.

Question 18

Configuring Phantom search to use an external Splunk server provides which of the following benefits?

Options:

A.

The ability to run more complex reports on Phantom activities.

B.

The ability to ingest Splunk notable events into Phantom.

C.

The ability to automate Splunk searches within Phantom.

D.

The ability to display results as Splunk dashboards within Phantom.

Question 19

When writing a custom function that uses regex to extract the domain name from a URL, a user wants to create a new artifact for the extracted domain. Which of the following Python API calls will create a new artifact?

Options:

A.

phantom.new_artifact ()

B.

phantom. update ()

C.

phantom.create_artifact ()

D.

phantom.add_artifact ()

Page: 4 / 8
Exam Code: SPLK-2003
Exam Name: Splunk SOAR Certified Automation Developer Exam
Last Update: Dec 22, 2024
Questions: 110
SPLK-2003 pdf

SPLK-2003 PDF

$25.5  $84.99
SPLK-2003 Engine

SPLK-2003 Testing Engine

$28.5  $94.99
SPLK-2003 PDF + Engine

SPLK-2003 PDF + Testing Engine

$40.5  $134.99