ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCSAE

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 14

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
Which of the following is a basic setting that can be configured in an automation?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?
Which development languages are supported when creating XSOAR automation scripts?
What is the default landing page for a new user in XSOAR?
Which configuration is a valid distributed database (DB) implementation?

Question 131

Report
Export
Collapse

Which field type provides an interactive and editable display of table-based data?

A.
HTML
A.
HTML
Answers
B.
Grid (table)
B.
Grid (table)
Answers
C.
Markdown
C.
Markdown
Answers
D.
Multi Select
D.
Multi Select
Answers
Suggested answer: B

Question 132

Report
Export
Collapse

What is the function of timer SLA fields in Cortex XSOAR?

A.
To track SLA breaches per playbook
A.
To track SLA breaches per playbook
Answers
B.
To run a script that executes on SLA assignment
B.
To run a script that executes on SLA assignment
Answers
C.
To automatically alert the analyst on SLA breach
C.
To automatically alert the analyst on SLA breach
Answers
D.
To count the time between one or more tasks
D.
To count the time between one or more tasks
Answers
Suggested answer: C

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/cortex/cortex-xsoar//6-2/cortex-xsoaradmin/work-with-slas/create-an-sla-field

Question 133

Report
Export
Collapse

What are inputs and outputs in reference to a Playbook Development Lifecycle? (Choose three.)

A.
Inputs are data pieces that are present in the playbook
A.
Inputs are data pieces that are present in the playbook
Answers
B.
Inputs are data pieces that are present in the task
B.
Inputs are data pieces that are present in the task
Answers
C.
Outputs are used as incident trigger for playbook
C.
Outputs are used as incident trigger for playbook
Answers
D.
Outputs can be derived from the result of a task or command
D.
Outputs can be derived from the result of a task or command
Answers
E.
Inputs are the data fields parsed by the Classifier
E.
Inputs are the data fields parsed by the Classifier
Answers
Suggested answer: A, D, E

Question 134

Report
Export
Collapse

Inside the Incidents table view, which actions can be performed on the selected incidents? (Choose two.)

A.
Run Command, Export, and Close and Delete for all selected incidents regardless of their status
A.
Run Command, Export, and Close and Delete for all selected incidents regardless of their status
Answers
B.
Assign, Edit, and Mark as Duplicate for all selected incidents regardless of their status
B.
Assign, Edit, and Mark as Duplicate for all selected incidents regardless of their status
Answers
C.
Run Command for all selected incidents having Active status
C.
Run Command for all selected incidents having Active status
Answers
D.
Export incidents as JSON and change incident status
D.
Export incidents as JSON and change incident status
Answers
Suggested answer: A, B

Question 135

Report
Export
Collapse

An administrator has noticed that an integration has failed to fetch incidents. Where would they go to download logs to troubleshoot the error?

A.
Go to the Marketplace > Download the Fix my XSOAR playbook pack > Run the playbook > Download logs from War Room
A.
Go to the Marketplace > Download the Fix my XSOAR playbook pack > Run the playbook > Download logs from War Room
Answers
B.
Settings > About > Troubleshooting > Set Log Level to Debug > Download Logs
B.
Settings > About > Troubleshooting > Set Log Level to Debug > Download Logs
Answers
C.
Dashboards & Reports > System Health
C.
Dashboards & Reports > System Health
Answers
D.
Settings > About > System Diagnostics
D.
Settings > About > System Diagnostics
Answers
Suggested answer: B

Question 136

Report
Export
Collapse

In Cortex XSOAR multi tenant setup, when content from a development server is pushed to the remote repository, where in the production server can the updates be found?

A.
Main Account
A.
Main Account
Answers
B.
Tenants
B.
Tenants
Answers
C.
Agent tools
C.
Agent tools
Answers
D.
Marketplace
D.
Marketplace
Answers
Suggested answer: B

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOAR-Multi-Tenant-Guide/Configure-a-Remote-Repository-on-the-Main-Account

Question 137

Report
Export
Collapse

To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?

A.
10,080 minutes (7 days)
A.
10,080 minutes (7 days)
Answers
B.
20,160 minutes (14 days)
B.
20,160 minutes (14 days)
Answers
C.
21,600 minutes (15 days)
C.
21,600 minutes (15 days)
Answers
D.
4,320 minutes (3 days)
D.
4,320 minutes (3 days)
Answers
Suggested answer: D

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOARAdministrator-Guide/Indicator-Type-Profile

Question 138

Report
Export
Collapse

When browsing the Marketplace for new content packs, which details about each pack are you able to view?

A.
The integration’s source code
A.
The integration’s source code
Answers
B.
A summary of each version history
B.
A summary of each version history
Answers
C.
A test instance for the content pack
C.
A test instance for the content pack
Answers
D.
The source code of each playbook
D.
The source code of each playbook
Answers
Suggested answer: B

Question 139

Report
Export
Collapse

A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?

A.
-status:closed -category:job type:Phishing created:>="30 days ago"
A.
-status:closed -category:job type:Phishing created:>="30 days ago"
Answers
B.
status:closed -category:job & type:Phishing created:>="30 days ago"
B.
status:closed -category:job & type:Phishing created:>="30 days ago"
Answers
C.
-status:closed -category:job & type:Phishing created:<="30 days ago"
C.
-status:closed -category:job & type:Phishing created:<="30 days ago"
Answers
D.
-status:closed –category:job type:Phishing created:="30 days ago"
D.
-status:closed –category:job type:Phishing created:="30 days ago"
Answers
Suggested answer: C

Question 140

Report
Export
Collapse

During configuration of the inputs of a sub-playbook in the main playbook, there is an option under the Loop tab called "For Each Input". What is this option used to?

A.
To loop the sub-playbook over all context values present in the investigation
A.
To loop the sub-playbook over all context values present in the investigation
Answers
B.
To loop the sub-playbook over all incident fields for the given incident
B.
To loop the sub-playbook over all incident fields for the given incident
Answers
C.
To loop the sub-playbook over all the fields marked as important
C.
To loop the sub-playbook over all the fields marked as important
Answers
D.
To loop the sub-playbook over all defined sub-playbook inputs
D.
To loop the sub-playbook over all defined sub-playbook inputs
Answers
Suggested answer: D
Total 157 questions
Go to page: of 16
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms