If a search returns ____________ it can be viewed as a chart.
Correct Answer: B
If a search returns statistics, it can be viewed as a chart. Statistics are tabular data that show the relationship between two or more fields. You can create statistics by using commands such as stats, chart or timechart. You can view statistics as a chart by selecting the Visualization tab in the Search app and choosing a chart type such as column, line or pie. Therefore, option B is correct, while options A, C and D are incorrect because they are not types of data that can be viewed as a chart.
SPLK-1002 Exam Question 52
A field alias is created where field1-field2 and the Overwrite Field Values checkbox is selected. What happens if an event only contains values for field1?
Correct Answer: D
The correct answer is D. field2 values are replaced with the value of field1. A field alias is a way to associate an additional (new) name with an existing field name. A field alias can be used to normalize fields from different sources that have different names but represent the same data. Field aliases can also be used to rename fields for clarity or convenience. When you create a field alias in Splunk Web, you can select the Overwrite Field Values option to change the behavior of the field alias. This option affects how the Splunk software handles situations where the original field has no value or does not exist, as well as situations where the alias field already exists as a field in your events, alongside the original field.
If you select the Overwrite Field Values option, the following rules apply: If the original field does not exist or has no value in an event, the alias field is removed from that event. If the original field and the alias field both exist in an event, the value of the alias field is replaced with the value of the original field.
If you do not select the Overwrite Field Values option, the following rules apply: If the original field does not exist or has no value in an event, the alias field is unchanged in that event. If the original field and the alias field both exist in an event, both fields are retained with their respective values.
Therefore, if you create a field alias where field1-field2 and select the Overwrite Field Values option, and an event only contains values for field1, then the value of field2 will be replaced with the value of field1.
Reference: About calculated fields; About field aliases; Create field aliases in Splunk Web
SPLK-1002 Exam Question 53
What does the following search do?
Correct Answer: B
The search string below creates a table of the total count of mysterymeat corndogs split by user.
| stats count by user | where corndog=mysterymeat
The search string does the following: It uses the stats command to calculate the count of events for each value of the user field. The stats command creates a table with two columns: user and count. It uses the where command to filter the results by the value of the corndog field. The where command only keeps the rows where corndog equals mysterymeat. Therefore, the search string creates a table of the total count of mysterymeat corndogs split by user.
SPLK-1002 Exam Question 54
Which of the following eval commands will provide a new value for host from src if it exists?
Correct Answer: D
The eval command is a Splunk command that allows you to create or modify fields using expressions. The if function is an expression that evaluates a condition and returns a value based on whether the condition is true or false. The syntax of the if function is if(X,Y,Z), where X is the condition, Y is the value to return if X is true, and Z is the value to return if X is false. The isnotnull function is an expression that returns true if the argument is not null, and false otherwise. The syntax of the isnotnull function is isnotnull(X), where X is the argument to check. Therefore, the expression if(isnotnull(src), src, host) returns the value of src if it is not null, and the value of host otherwise. This means that it will provide a new value for host from src if it exists, and keep the original value of host otherwise.
SPLK-1002 Exam Question 55
What type of command is eval?
Correct Answer: C
The correct answer is C. Distributable streaming. This is because the eval command is a type of command that can run on the indexers before the results are sent to the search head. This reduces the amount of data that needs to be transferred and improves the search performance. Distributable streaming commands can operate on each event or result individually, without depending on other events or results. You can learn more about the types of commands and how they affect search performance from the Splunk documentation.