Splunk Enterprise Security Certified Admin — Question 64

Analysts have requested the ability to capture and analyze network traffic data. The administrator has researched the documentation and, based on this research, has decided to integrate the Splunk App for Stream with ES.

Which dashboards will now be supported so analysts can view and analyze network Stream data?

Answer options

• A. Endpoint dashboards.
• B. Protocol Intelligence dashboards.
• C. User Intelligence dashboards.
• D. Web Intelligence dashboards.

Correct answer: B

Explanation

The integration of the Splunk App for Stream with ES specifically enhances the Protocol Intelligence dashboards to allow for the analysis of network traffic. The other options, while related to different aspects of data analysis, do not focus on network Stream data and thus are not applicable in this context.