ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCSAE

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 11

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
Which of the following is a basic setting that can be configured in an automation?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?
Which development languages are supported when creating XSOAR automation scripts?
What is the default landing page for a new user in XSOAR?
Which configuration is a valid distributed database (DB) implementation?

Question 101

Report
Export
Collapse

Which playbook will a job run by default?

A.
The playbook assigned to the incident type
A.
The playbook assigned to the incident type
Answers
B.
The playbook assigned to the indicator type
B.
The playbook assigned to the indicator type
Answers
C.
The playbook assigned during pre-processing
C.
The playbook assigned during pre-processing
Answers
D.
The playbook assigned by the integration
D.
The playbook assigned by the integration
Answers
Suggested answer: A

Question 102

Report
Export
Collapse

Which of the following is a feature of XSOAR automations?

A.
can run on multiple docker containers
A.
can run on multiple docker containers
Answers
B.
can be set to run on a scheduled basis in the automation settings
B.
can be set to run on a scheduled basis in the automation settings
Answers
C.
can be password protected
C.
can be password protected
Answers
D.
can be written in C++
D.
can be written in C++
Answers
Suggested answer: B

Explanation:

Reference: https://www.paloaltonetworks.com/resources/datasheets/cortex-xsoar-overview

Question 103

Report
Export
Collapse

An administrator wants to send an email via the Mail Sender integration. Which of the following out of the box methods would be used for that?

A.
XSOAR D2 agent
A.
XSOAR D2 agent
Answers
B.
external integration command
B.
external integration command
Answers
C.
XSOAR shared agent
C.
XSOAR shared agent
Answers
D.
common automation script
D.
common automation script
Answers
Suggested answer: B

Question 104

Report
Export
Collapse

When is the post-processing script executed in XSOAR?

A.
Just after the incident is created
A.
Just after the incident is created
Answers
B.
Just after the pre-processing is executed
B.
Just after the pre-processing is executed
Answers
C.
Just after the playbook is executed
C.
Just after the playbook is executed
Answers
D.
Just after the Close Incident button is clicked
D.
Just after the Close Incident button is clicked
Answers
Suggested answer: C

Question 105

Report
Export
Collapse

Which option is available in XSOAR to create the body of a Threat Intel Report?

A.
Markdown
A.
Markdown
Answers
B.
Grid Fields
B.
Grid Fields
Answers
C.
DOC format
C.
DOC format
Answers
D.
Javascript
D.
Javascript
Answers
Suggested answer: A

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.9/Cortex-XSOAR-Threat-Intel-Management-Guide/Create-a-Threat-Intel-Report

Question 106

Report
Export
Collapse

Given the following context data, what would be the expected output of the expression?

A.
1E56733826E5035233A097FCEA2046AF96EC616C
A.
1E56733826E5035233A097FCEA2046AF96EC616C
Answers
B.
E6EF5142E2553C1E442A0FFAC07636EAC61E6EDD
B.
E6EF5142E2553C1E442A0FFAC07636EAC61E6EDD
Answers
C.
8D193FA162A305E4859BA8C45F5121F7265E3ABB
C.
8D193FA162A305E4859BA8C45F5121F7265E3ABB
Answers
D.
e6ef5142e2553c1e442a0ffac07636eac61e6edd
D.
e6ef5142e2553c1e442a0ffac07636eac61e6edd
Answers
Suggested answer: D

Question 107

Report
Export
Collapse

Where are incident layouts customized?

A.
Settings > Object Setup > Incidents > Layouts
A.
Settings > Object Setup > Incidents > Layouts
Answers
B.
Settings > Integrations > Instance configuration
B.
Settings > Integrations > Instance configuration
Answers
C.
Settings > Object Setup > Indicators > Layouts
C.
Settings > Object Setup > Indicators > Layouts
Answers
D.
Settings > Advanced > Incident Layouts
D.
Settings > Advanced > Incident Layouts
Answers
Suggested answer: A

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOARAdministrator-Guide/Customize-Incident-Layouts

Question 108

Report
Export
Collapse

How can Cortex XSOAR administrators prevent junior analysts from viewing a senior analyst dashboard?

A.
Share the dashboard in Read and Edit mode for senior analysts.
A.
Share the dashboard in Read and Edit mode for senior analysts.
Answers
B.
Share the dashboard in Read & Edit mode for senior analysts and Read Only for juniors analysts.
B.
Share the dashboard in Read & Edit mode for senior analysts and Read Only for juniors analysts.
Answers
C.
Share the dashboard in Read and Write mode for senior analysts.
C.
Share the dashboard in Read and Write mode for senior analysts.
Answers
D.
Share the dashboard in Read Only mode for junior analysts and senior analysts.
D.
Share the dashboard in Read Only mode for junior analysts and senior analysts.
Answers
Suggested answer: B

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.5/Cortex-XSOARAdministrator-Guide/Create-the-Read-Only-Dashboard

Question 109

Report
Export
Collapse

Which content type cannot be managed using remote repositories?

A.
Lists
A.
Lists
Answers
B.
Jobs
B.
Jobs
Answers
C.
Pre-processing rules
C.
Pre-processing rules
Answers
D.
Exclusion List
D.
Exclusion List
Answers
Suggested answer: A

Question 110

Report
Export
Collapse

An analyst wants to run a script to remove usernames from an incident before the incident becomes active in XSOAR. How can this be achieved?

A.
Run an automation script in the Playground to remove usernames from the incident.
A.
Run an automation script in the Playground to remove usernames from the incident.
Answers
B.
Create a pre-processing rule that runs an automation script to remove usernames from the incident as it comes into XSOAR.
B.
Create a pre-processing rule that runs an automation script to remove usernames from the incident as it comes into XSOAR.
Answers
C.
Run an automation script on the XSOAR server to remove usernames from the incident.
C.
Run an automation script on the XSOAR server to remove usernames from the incident.
Answers
D.
Create a playbook task to remove the usernames from the incident.
D.
Create a playbook task to remove the usernames from the incident.
Answers
Suggested answer: B

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOARAdministrator-Guide/Incident-Management

Total 157 questions
Go to page: of 16
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms