ExamGecko
Home / Palo Alto Networks / PCSAE / List of questions
Ask Question

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 12

List of questions

Question 111

Report
Export
Collapse

Which task type would be used to verify/check that an integration was enabled?

Standard task
Standard task
Conditional task
Conditional task
Section Header task
Section Header task
Data Collection task
Data Collection task
Suggested answer: D
asked 23/09/2024
Ioana Mihaila
21 questions

Question 112

Report
Export
Collapse

What is used to trigger playbooks automatically based on the classification of an incident?

Indicator type
Indicator type
Incoming mapper
Incoming mapper
Incident types
Incident types
Integration configuration
Integration configuration
Suggested answer: C
asked 23/09/2024
Derek Steven Schulte
41 questions

Question 113

Report
Export
Collapse

After executing the DeleteContext automation with all=yes argument, how would the context data of an incident present?

All the data, including the incident key will be deleted, and the context data will be completely empty.
All the data, including the incident key will be deleted, and the context data will be completely empty.
No difference, the automation cannot be executed manually.
No difference, the automation cannot be executed manually.
All context data, including custom incident fields will be deleted, system incident fields will remain.
All context data, including custom incident fields will be deleted, system incident fields will remain.
All context data, except the incident key will be deleted.
All context data, except the incident key will be deleted.
Suggested answer: D
asked 23/09/2024
Arun Pandian
40 questions

Question 114

Report
Export
Collapse

An XSOAR engineer has been tasked with exporting all indicators from the production environment in the last 90 days. The final report needs to be in CSV format containing all indicator fields. How can this task be achieved?

Run the command !GetIndicatorsByQuery in CLI with its default arguments and export all indicators in the last 90 days.
Run the command !GetIndicatorsByQuery in CLI with its default arguments and export all indicators in the last 90 days.
SSH into the server and copy the indicator's database.
SSH into the server and copy the indicator's database.
In the Threat Intel page, add query firstSeen:>="90 days ago", select All columns in Table View, and click Export to export as a CSV.
In the Threat Intel page, add query firstSeen:>="90 days ago", select All columns in Table View, and click Export to export as a CSV.
Run the command !findIndicators in CLI with the query firstSeen:>="90 days ago" and export to CSV.
Run the command !findIndicators in CLI with the query firstSeen:>="90 days ago" and export to CSV.
Suggested answer: C
asked 23/09/2024
Robert Akehurst
32 questions

Question 115

Report
Export
Collapse

An administrator has noticed that an incident fetch has failed, causing several internal workflows to be backed up. The administrator would like to receive notifications the next time the incident fetch fails.

How can they achieve this?

Create a custom playbook that sends an email each time the fetch fails.
Create a custom playbook that sends an email each time the fetch fails.
Create a new integration that monitors the incident fetch and sends an email if the fetch fails.
Create a new integration that monitors the incident fetch and sends an email if the fetch fails.
Schedule a job that runs and monitors incidents in XSOAR that will send an email if there are no new incidents.
Schedule a job that runs and monitors incidents in XSOAR that will send an email if there are no new incidents.
Add a server config to notify when incident fetch fails.
Add a server config to notify when incident fetch fails.
Suggested answer: B
asked 23/09/2024
Jordan Pfingsten
44 questions

Question 116

Report
Export
Collapse

An analyst runs the following command in a playbook task:

!ip ip=1.1.1.1

Which extraction mode needs to be enabled on the Advanced tab of the playbook task to synchronously extract indicators from the results of this command?

Synchronous
Synchronous
Extract
Extract
Out of band
Out of band
Inline
Inline
Suggested answer: D
asked 23/09/2024
Jeff Benson
44 questions

Question 117

Report
Export
Collapse

Threat Intel search queries can be shared with which of the following? (Select 1)

Become a Premium Member for full access
  Unlock Premium Member

Question 118

Report
Export
Collapse

An administrator wants to run an automation in the War Room to set the incident field "Description" to "Confirmed Phishing". Which command should they enter in the War Room CLI?

Become a Premium Member for full access
  Unlock Premium Member

Question 119

Report
Export
Collapse

Select the correct incident life cycle on XSOAR.

Become a Premium Member for full access
  Unlock Premium Member

Question 120

Report
Export
Collapse

Which of the following does a XSOAR Admin need to create an integration with a third party cloud application?

Become a Premium Member for full access
  Unlock Premium Member
Total 157 questions
Go to page: of 16

Related questions