Splunk Enterprise Certified Architect — Question 51

When planning user management for a new Splunk deployment, which task can be disregarded?

Answer options

• A. Identify users authenticating with Splunk native authentication.
• B. Identify users authenticating with Splunk using LDAP or SAML.
• C. Determine the number of users present in Splunk log events.
• D. Determine the capabilities users need within the Splunk environment.

Correct answer: C

Explanation

The correct answer is C, as determining the number of users in Splunk log events is not essential for user management planning. Options A and B are necessary for understanding authentication methods, while option D is crucial for assigning appropriate permissions and roles to users.