ExamGecko
Login
Home / Palo Alto Networks / PCSAE / List of questions
Ask Question

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 11

List of questions

Question 101

Report
Export
Collapse

Which playbook will a job run by default?

The playbook assigned to the incident type
The playbook assigned to the incident type
The playbook assigned to the indicator type
The playbook assigned to the indicator type
The playbook assigned during pre-processing
The playbook assigned during pre-processing
The playbook assigned by the integration
The playbook assigned by the integration
Suggested answer: A
asked 23/09/2024
ERIK BURDETT
42 questions

Question 102

Report
Export
Collapse

Which of the following is a feature of XSOAR automations?

can run on multiple docker containers
can run on multiple docker containers
can be set to run on a scheduled basis in the automation settings
can be set to run on a scheduled basis in the automation settings
can be password protected
can be password protected
can be written in C++
can be written in C++
Suggested answer: B

Explanation:

Reference: https://www.paloaltonetworks.com/resources/datasheets/cortex-xsoar-overview

asked 23/09/2024
Angel Luis Cuenca Garcia
33 questions

Question 103

Report
Export
Collapse

An administrator wants to send an email via the Mail Sender integration. Which of the following out of the box methods would be used for that?

XSOAR D2 agent
XSOAR D2 agent
external integration command
external integration command
XSOAR shared agent
XSOAR shared agent
common automation script
common automation script
Suggested answer: B
asked 23/09/2024
Felomino Bacquiano II
45 questions

Question 104

Report
Export
Collapse

When is the post-processing script executed in XSOAR?

Just after the incident is created
Just after the incident is created
Just after the pre-processing is executed
Just after the pre-processing is executed
Just after the playbook is executed
Just after the playbook is executed
Just after the Close Incident button is clicked
Just after the Close Incident button is clicked
Suggested answer: C
asked 23/09/2024
Jose ESPINOZA
41 questions

Question 105

Report
Export
Collapse

Which option is available in XSOAR to create the body of a Threat Intel Report?

Markdown
Markdown
Grid Fields
Grid Fields
DOC format
DOC format
Javascript
Javascript
Suggested answer: A

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.9/Cortex-XSOAR-Threat-Intel-Management-Guide/Create-a-Threat-Intel-Report

asked 23/09/2024
Jesserey Joseph
44 questions

Question 106

Report
Export
Collapse

Palo Alto Networks PCSAE image Question 106 54769 09232024001234000000

Given the following context data, what would be the expected output of the expression?

1E56733826E5035233A097FCEA2046AF96EC616C
1E56733826E5035233A097FCEA2046AF96EC616C
E6EF5142E2553C1E442A0FFAC07636EAC61E6EDD
E6EF5142E2553C1E442A0FFAC07636EAC61E6EDD
8D193FA162A305E4859BA8C45F5121F7265E3ABB
8D193FA162A305E4859BA8C45F5121F7265E3ABB
e6ef5142e2553c1e442a0ffac07636eac61e6edd
e6ef5142e2553c1e442a0ffac07636eac61e6edd
Suggested answer: D
asked 23/09/2024
Andrea Ciovati
41 questions

Question 107

Report
Export
Collapse

Where are incident layouts customized?

Settings > Object Setup > Incidents > Layouts
Settings > Object Setup > Incidents > Layouts
Settings > Integrations > Instance configuration
Settings > Integrations > Instance configuration
Settings > Object Setup > Indicators > Layouts
Settings > Object Setup > Indicators > Layouts
Settings > Advanced > Incident Layouts
Settings > Advanced > Incident Layouts
Suggested answer: A

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOARAdministrator-Guide/Customize-Incident-Layouts

asked 23/09/2024
Mark Josef Delos Santos
32 questions

Question 108

Report
Export
Collapse

How can Cortex XSOAR administrators prevent junior analysts from viewing a senior analyst dashboard?

Share the dashboard in Read and Edit mode for senior analysts.
Share the dashboard in Read and Edit mode for senior analysts.
Share the dashboard in Read & Edit mode for senior analysts and Read Only for juniors analysts.
Share the dashboard in Read & Edit mode for senior analysts and Read Only for juniors analysts.
Share the dashboard in Read and Write mode for senior analysts.
Share the dashboard in Read and Write mode for senior analysts.
Share the dashboard in Read Only mode for junior analysts and senior analysts.
Share the dashboard in Read Only mode for junior analysts and senior analysts.
Suggested answer: B

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.5/Cortex-XSOARAdministrator-Guide/Create-the-Read-Only-Dashboard

asked 23/09/2024
Alan Coutinho
42 questions

Question 109

Report
Export
Collapse

Which content type cannot be managed using remote repositories?

Lists
Lists
Jobs
Jobs
Pre-processing rules
Pre-processing rules
Exclusion List
Exclusion List
Suggested answer: A
asked 23/09/2024
Andres Mauricio Rodriguez
35 questions

Question 110

Report
Export
Collapse

An analyst wants to run a script to remove usernames from an incident before the incident becomes active in XSOAR. How can this be achieved?

Run an automation script in the Playground to remove usernames from the incident.
Run an automation script in the Playground to remove usernames from the incident.
Create a pre-processing rule that runs an automation script to remove usernames from the incident as it comes into XSOAR.
Create a pre-processing rule that runs an automation script to remove usernames from the incident as it comes into XSOAR.
Run an automation script on the XSOAR server to remove usernames from the incident.
Run an automation script on the XSOAR server to remove usernames from the incident.
Create a playbook task to remove the usernames from the incident.
Create a playbook task to remove the usernames from the incident.
Suggested answer: B

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOARAdministrator-Guide/Incident-Management

asked 23/09/2024
Matias Cordero Ochoa
35 questions
Total 157 questions
Go to page: of 16
Open VPLUS File
Convert VPLUS to PDF

Related questions

Incidents need to be filtered by all of the following criteria:
On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
A playbook task generates a report as HTML in the context data. An engineer creates a custom indicator field of type "HTML" and adds the field to a section in a custom indicator layout. How can the engineer populate the HTML field in the indicator layout?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Newly created subplaybooks do not have any inputs, or outputs. What is necessary to make them functional? (Choose two.)
During configuration of the inputs of a sub-playbook in the main playbook, there is an option under the Loop tab called "For Each Input". What is this option used to?
An engineer wants to customize the regex for the default IP indicator type. How can this change be implemented?
After enriching a username using Active Directory, an engineer would like to send an email to the user’s manager. However, this functionality is not part of the command output. The engineer checks with raw- response=true and notices that the manager’s email is returned, but not saved in the context. How can the engineer save the data so it will be accessible?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)