Which of the following options will define the first event in a transaction?
Correct Answer: A
The explanation is as follows: The transaction command is used to find transactions based on events that meet various constraints. Transactions are made up of the raw text (the _raw field) of each member, the time and date fields of the earliest member, and the union of all other fields of each member. The startswith option defines the first event in a transaction by specifying a search term or an expression that the event must match. For example, | transaction clientip JSESSIONID startswith="view" creates transactions based on the clientip and JSESSIONID fields, and the first event in each transaction will contain the term "view" in the _raw field.
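To make the startswith behaviour concrete, here is an added Python model of the grouping described above; it is example code written for this page, not Splunk's implementation. The events, the field names and the "view" start term are constructed, and the model simplifies one point: events for a key that arrive before any start event are dropped.

```python
import re
from collections import defaultdict

# Constructed sample events (not taken from the page): a small web-access stream
# keyed by clientip and JSESSIONID, already in chronological order.
EVENTS = [
    {"_time": 1, "clientip": "10.0.0.1", "JSESSIONID": "SD1", "_raw": "10.0.0.1 SD1 action=view product=1"},
    {"_time": 2, "clientip": "10.0.0.1", "JSESSIONID": "SD1", "_raw": "10.0.0.1 SD1 action=addtocart product=1"},
    {"_time": 3, "clientip": "10.0.0.2", "JSESSIONID": "SD2", "_raw": "10.0.0.2 SD2 action=view product=7"},
    {"_time": 4, "clientip": "10.0.0.1", "JSESSIONID": "SD1", "_raw": "10.0.0.1 SD1 action=purchase product=1 status=200"},
    {"_time": 5, "clientip": "10.0.0.1", "JSESSIONID": "SD1", "_raw": "10.0.0.1 SD1 action=view product=3"},
    {"_time": 6, "clientip": "10.0.0.2", "JSESSIONID": "SD2", "_raw": "10.0.0.2 SD2 action=purchase product=7 status=200"},
]

KV_PATTERN = re.compile(r"(\w+)=(\S+)")


def fields_of(event):
    """Fields of one event: the indexed fields plus key=value pairs found in _raw."""
    fields = {k: v for k, v in event.items() if k not in ("_raw", "_time")}
    fields.update(KV_PATTERN.findall(event["_raw"]))
    return fields


def build_transactions(events, keys, startswith):
    """Group events that share the same values of `keys` into transactions.

    An event whose _raw contains the `startswith` term closes the transaction
    that is open for its key (if any) and opens a new one. Other events join
    the open transaction for their key. Events that arrive before any start
    event for their key are dropped (a simplification, not Splunk's exact rule).
    """
    open_tx = {}
    finished = []
    for ev in sorted(events, key=lambda e: e["_time"]):
        key = tuple(ev[k] for k in keys)
        if startswith in ev["_raw"]:
            if key in open_tx:
                finished.append(open_tx.pop(key))
            open_tx[key] = {"_time": ev["_time"], "_raw": [], "fields": defaultdict(set)}
        if key in open_tx:
            tx = open_tx[key]
            tx["_raw"].append(ev["_raw"])
            for name, value in fields_of(ev).items():
                tx["fields"][name].add(value)
    finished.extend(open_tx.values())
    finished.sort(key=lambda t: t["_time"])
    return [_finalize(tx) for tx in finished]


def _finalize(tx):
    """Present a transaction the way the explanation describes it: the earliest
    _time, the concatenated _raw text, the union of every member's fields, and a count."""
    return {
        "_time": tx["_time"],
        "_raw": "\n".join(tx["_raw"]),
        "eventcount": len(tx["_raw"]),
        "fields": {name: sorted(values) for name, values in tx["fields"].items()},
    }


if __name__ == "__main__":
    for tx in build_transactions(EVENTS, ("clientip", "JSESSIONID"), "view"):
        print(tx["_time"], tx["eventcount"], tx["fields"].get("action"))
```

Running it on the constructed stream yields three transactions: the first SD1 session (view, addtocart, purchase), the SD2 session (view, purchase), and a second SD1 transaction that begins at the next "view" event, which is exactly why the start term, and not only the key fields, decides where one transaction ends and the next begins.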
SPLK-1002 Exam Question 37
Which statement is true?
Correct Answer: C
The statement that pivot is used for creating reports and dashboards is true. Pivot is a graphical interface that allows you to create tables, charts, and visualizations from data models. Data models are structured datasets that define how data is organized and categorized. Pivot does not create datasets, but uses existing ones.
SPLK-1002 Exam Question 38
In the Field Extractor, when would the regular expression method be used?
Correct Answer: C
The correct answer is C: when events contain unstructured data. The regular expression method works best with unstructured event data, such as log files or text messages, where the fields are not separated by a common delimiter such as a comma or space. You select a sample event and highlight one or more fields to extract from that event, and the field extractor generates a regular expression that matches similar events in your dataset and extracts the fields from them. The regular expression method provides several tools for testing and refining the accuracy of the regular expression, and it also allows you to edit the regular expression manually. The delimiters method is designed for structured event data: data from files with headers, where all of the fields in the events are separated by a common delimiter such as a comma or space. You select a sample event, identify the delimiter, and then rename the fields that the field extractor finds. This method is simpler and faster than the regular expression method, but it may not work well with complex or irregular data formats. Reference: Build field extractions with the field extractor - Splunk Documentation
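The contrast between the two methods is easiest to see on real-looking lines. The following is an added Python example, not code from the page or from Splunk: it applies a named-group regex (the kind the field extractor generates) to a constructed unstructured syslog-style line, applies a delimiter split to a constructed comma-separated record, and shows what goes wrong when the delimiter method is pointed at the unstructured line. The sample lines, field names and pattern are all assumptions made for the example.

```python
import csv
import re

# Constructed sample events (not from the page).
# Unstructured: a syslog-style authentication line with no common delimiter.
UNSTRUCTURED = ("Mar 10 12:00:01 host1 sshd[2231]: Failed password for invalid user admin "
                "from 203.0.113.5 port 4422 ssh2")
# Structured: the same information as a comma-separated record with a known column order.
STRUCTURED = "2024-03-10T12:00:01Z,host1,sshd,admin,203.0.113.5,failed"
STRUCTURED_FIELDS = ["timestamp", "host", "process", "user", "src", "result"]

# A regex of the kind the field extractor produces after highlighting user, src
# and port in a sample event: named groups become field names.
SSH_PATTERN = re.compile(
    r"^(?P<month>[A-Z][a-z]{2}) +(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<process>[\w-]+)\[(?P<pid>\d+)\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port (?P<src_port>\d+)"
)


def extract_with_regex(event, pattern):
    """Regular expression method: returns the named groups, or None if the event
    does not match (the case to watch for when refining the pattern)."""
    match = pattern.search(event)
    return match.groupdict() if match else None


def extract_with_delimiter(event, delimiter, field_names):
    """Delimiters method: split on one delimiter, then rename the positional columns."""
    values = next(csv.reader([event], delimiter=delimiter))
    return dict(zip(field_names, values))


def delimiter_fits(events, delimiter, field_names):
    """Sanity check before choosing the delimiters method: every sample event
    must split into exactly the expected number of columns."""
    return all(len(next(csv.reader([e], delimiter=delimiter))) == len(field_names)
               for e in events)


if __name__ == "__main__":
    print(extract_with_regex(UNSTRUCTURED, SSH_PATTERN))
    print(extract_with_delimiter(STRUCTURED, ",", STRUCTURED_FIELDS))
    # Splitting the unstructured line on spaces assigns every column the wrong name.
    print(extract_with_delimiter(UNSTRUCTURED, " ", STRUCTURED_FIELDS))
```

On the unstructured line the regex yields user, src and src_port correctly, while a space-delimited split labels "sshd[2231]:" as src; the delimiter_fits check fails for that line and passes for the comma-separated record, which is the same decision the question asks you to make.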
SPLK-1002 Exam Question 39
Which of the following searches can be saved as an event type?
Correct Answer: B
Splunk event types are based on search strings that cannot contain pipes or subsearches. From the documentation: "Event type search strings must not contain a pipe (|) and cannot include transforming or filtering commands." Thus, only option B is a valid event type definition because it is a simple base search without pipelines or subsearches.
SPLK-1002 Exam Question 40
Which of the following knowledge objects can reference field aliases?
Correct Answer: A
Field aliases in Splunk are alternate names assigned to fields. These can be particularly useful for normalizing data from different sources or simply for making field names more intuitive. Once an alias is created for a field, it can be used across various Splunk knowledge objects, enhancing their flexibility and utility.
A: Calculated fields, lookups, event types, and tags: This is the correct answer. Field aliases can indeed be referenced in calculated fields, lookups, event types, and tags within Splunk. When you create an alias for a field, that alias can then be used in these knowledge objects just like any standard field name.
* Calculated fields: These are expressions that can create new field values based on existing data. You can use an alias in a calculated field expression to refer to the original field.
* Lookups: These are used to enrich your event data by referencing external data sources. If you've created an alias for a field that matches a field in your lookup table, you can use that alias in your lookup configurations.
* Event types: These are classifications for events that meet certain search criteria. You can use field aliases in the search criteria for defining an event type.
* Tags: These allow you to assign meaningful labels to data, making it easier to search and report on. You can use field aliases in the search criteria that you tag.