Examice

Exam SPLK-1003 All QuestionsBrowse all questions from this exam

Go to Exam

Question 92

Which of the following must be done to define user permissions when integrating Splunk with LDAP?

Map Users

Map Groups

Map LDAP Inheritance

Map LDAP to Active Directory

Correct Answer: B

To define user permissions when integrating Splunk with LDAP, you must map LDAP groups to Splunk roles. This is essential because it allows you to leverage the existing group structures within LDAP to manage permissions at a group level, simplifying administration and ensuring consistent access control. If groups are not used in your LDAP environment, users can be mapped individually, but mapping groups is the primary and recommended method given its efficiency and ease of management.

Discussion

afrobenOption: B

Answer is B. Map LDAP groups to Splunk roles.

ucsdmiami2020

Agreed B. Not A and B per the Splunk Reference URL Quoting below https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureLDAPwithSplunkWeb "You can map either users or groups, but not both. If you are using groups, all users must be members of an appropriate group. Groups inherit capabilities form the highest level role they're a member of." "If your LDAP environment does not have group entries, you can treat each user as its own group."

SplunkvOption: B

Once you have configured Splunk Enterprise to authenticate via your LDAP server, map your LDAP groups to Splunk roles. If you do not use groups, you can map users individually. from https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureLDAPwithSplunkWeb

Splunkv

A and B are correct. as both groups and users can be mapped to splunk roles

Hamiltonian

Confirmed A and B. "After you have configured the Splunk platform to authenticate using your LDAP server, map LDAP groups in your environment to Splunk roles. If you do not use groups, you can map users individually." https://docs.splunk.com/Documentation/Splunk/8.2.0/Security/ConfigureLDAPwithSplunkWeb

thomassOption: B

answer: B

mngeshaOption: B

I would say B is the answer though that is not explicitly stated in the following link https://docs.splunk.com/Documentation/Splunk/8.0.5/Data/ConsiderationsfordecidinghowtomonitorWindowsdata

cagdaskarabag

https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/ConfigureLDAPwithSplunkWeb#:~:text=There%20are%20three,their%20connection%20order.

newrose

thoughts on that one?