ExamGecko

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 13


Which of the following is a prerequisite to editing out-of-the-box (OOTB) content?

A. Download the content from the Marketplace.
B. Go to Settings > About > Troubleshooting and set a flag to allow custom content.
C. Register a user account with support.paloaltonetworks.com.
D. Detach the content item you want to edit from the Marketplace.

Suggested answer: B

At what stage during the incident lifecycle is an incident type assigned?

A. Pre-processing
B. Incident creation
C. Classification
D. Playbook execution

Suggested answer: C

What can you use to assign a layout, field, and playbook to an incoming incident?

A. Playbook
B. Classification and mapping
C. Incident type
D. Pre-processing

Suggested answer: B

For troubleshooting, after a log bundle is created, where do the logs appear on the XSOAR server?

A. /var/lib/demisto
B. /tmp/log/demisto
C. /usr/local/demisto
D. /var/log/demisto

Suggested answer: D

Which three types of information are displayed on the incident Quick View? (Choose three.)

A. Indicators and relationships
B. Timeline information
C. Evidence Board
D. Context data
E. Incident severity

Suggested answer: A, B, C

Where do you navigate to monitor and improve the system performance and resilience for hosts in a multitenant environment?

A. Settings > About > Troubleshooting, in the main host account. Each host has a System Diagnostics page.
B. Settings > Advanced > System Diagnostics, in the main host account. Each host has a System Diagnostics page.
C. Settings > Account Management > Hosts, in the main host account. Each host has a System Diagnostics page.
D. Settings > About > System Diagnostics, in the main host account. Each host has a System Diagnostics page.

Suggested answer: D

When creating an automation in XSOAR, what is the best way to create a log message?

A. Using a debug statement
B. Using the demisto.debug() function
C. Using a print statement
D. Using the demisto.results() function

Suggested answer: B

What is an example of a generic reputation command?

A. !ip
B. !getReputation
C. !reputation
D. !enrichIndicator

Suggested answer: C

During the regular maintenance of XSOAR, a customer noticed that there was an update available for the Active Directory content pack (current version 1.4.6) and updated the content pack to the latest version (version 1.4.11). However, after the update, the customer noticed that the Active Directory Query integration is not working properly and asked you to resolve the issue.

Which of the following sets of steps can help to resolve the issue?

A. Navigate to Settings. View the configured integrations and select Active Directory Authentication. Delete all integration instances and add all integration instances again.
B. Navigate to Marketplace. View the installed content pack and select Active Directory content pack. Select version 1.4.6 and click on "Revert to this version".
C. Navigate to Settings. View the configured integrations and select Active Directory Query. Delete all integration instances and add all integration instances again.
D. Navigate to Marketplace. View the installed content pack and select Active Directory content pack. Click on uninstall content pack. Navigate to Marketplace browser and reinstall the Active Directory content pack.

Suggested answer: C

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.8/Cortex-XSOARAdministrator-Guide/Content-Pack-Update-Notifications

When developing the playbook, which of the following can be used by an XSOAR Administrator?

A. The Debugger panel to test data with one of the last five incidents. This will affect the incident's original incident data.
B. Context data from existing incidents by exporting the YAML data from incidents and importing it to the playbook editor.
C. Debugger panel and XML data from a similar incident with New Mock Incident. This will not affect the incident's original incident data.
D. The Debugger panel to test data with one of the last fifty incidents. This will not affect the incident's original incident data.

Suggested answer: C
Total 157 questions