ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCSAE

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 16

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
Which development languages are supported when creating XSOAR automation scripts?
What is the default landing page for a new user in XSOAR?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Which configuration is a valid distributed database (DB) implementation?
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
What does Script helper contain?
Which of the following is a basic setting that can be configured in an automation?

Question 151

Report
Export
Collapse

Newly created subplaybooks do not have any inputs, or outputs. What is necessary to make them functional? (Choose two.)

A.
Define input key in the subplaybook task. Map context values to pull from parent playbook.
A.
Define input key in the subplaybook task. Map context values to pull from parent playbook.
Answers
B.
The output of the previous task automatically becomes the input of the subplaybook.
B.
The output of the previous task automatically becomes the input of the subplaybook.
Answers
C.
Map inputs and outputs to the parent playbook and the subplaybook will use the same values.
C.
Map inputs and outputs to the parent playbook and the subplaybook will use the same values.
Answers
D.
Open the subplaybook and add inputs or outputs in the Playbook triggered task.
D.
Open the subplaybook and add inputs or outputs in the Playbook triggered task.
Answers
Suggested answer: A, D

Question 152

Report
Export
Collapse

A Cortex XSOAR Administrator is tasked with building a button for an analyst in order for the analyst to be assigned to the incident as an owner. What is the process?

A.
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with no argument
A.
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with no argument
Answers
B.
Edit the incident layout to add a new button that calls the AssignToMeButton automation with argument assignBy={me}
B.
Edit the incident layout to add a new button that calls the AssignToMeButton automation with argument assignBy={me}
Answers
C.
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument owner={me}
C.
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument owner={me}
Answers
D.
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument assignBy=current
D.
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument assignBy=current
Answers
Suggested answer: C

Question 153

Report
Export
Collapse

Which field type should be used to hold more than 60,000 characters of unformatted text?

A.
Short Text
A.
Short Text
Answers
B.
HTML
B.
HTML
Answers
C.
Long Text
C.
Long Text
Answers
D.
Markdown
D.
Markdown
Answers
Suggested answer: C

Question 154

Report
Export
Collapse

In order to automatically run a playbook on the indicators fetched by an integration, what would an XSOAR Administrator setup?

A.
Cron job
A.
Cron job
Answers
B.
Time triggered job
B.
Time triggered job
Answers
C.
Feed triggered job
C.
Feed triggered job
Answers
D.
REST API job
D.
REST API job
Answers
Suggested answer: C

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.5/Cortex-XSOARAdministrator-Guide/Create-Indicator-Extract-Rules-for-a-Playbook-Task

Question 155

Report
Export
Collapse

Which two functions in XSOAR are incident types used for? (Choose two.)

A.
To run dedicated playbooks for different event types
A.
To run dedicated playbooks for different event types
Answers
B.
To classify events ingested from various sources into the relevant types
B.
To classify events ingested from various sources into the relevant types
Answers
C.
To classify indicators extracted in XSOAR incidents to their respective types
C.
To classify indicators extracted in XSOAR incidents to their respective types
Answers
D.
To facilitate role based access to XSOAR incidents
D.
To facilitate role based access to XSOAR incidents
Answers
Suggested answer: B, C

Question 156

Report
Export
Collapse

When creating an incident layout section, it is best to place long field values within which of the following?

A.
Section headers
A.
Section headers
Answers
B.
Rows
B.
Rows
Answers
C.
Canvas
C.
Canvas
Answers
D.
Cards
D.
Cards
Answers
Suggested answer: B

Question 157

Report
Export
Collapse

The default expiration method for non-feed indicators is either to never expire or to expire after a specific period of time. How frequently does XSOAR check tor newly expired indicators?

A.
Every 24 hours
A.
Every 24 hours
Answers
B.
Every 5 minutes
B.
Every 5 minutes
Answers
C.
Every 8 hours
C.
Every 8 hours
Answers
D.
Every 1 hour
D.
Every 1 hour
Answers
Suggested answer: D

Explanation:

Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.5/Cortex-XSOAR-Threat-Intel-Management-Guide/Indicator-Expiration

Total 157 questions
Go to page: of 16
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms