ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCSAE

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 5

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
Which development languages are supported when creating XSOAR automation scripts?
What is the default landing page for a new user in XSOAR?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Which configuration is a valid distributed database (DB) implementation?
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
What does Script helper contain?
Which of the following is a basic setting that can be configured in an automation?

Question 41

Report
Export
Collapse

What is the correct expression to use when filtering only PDF files?

A.
Use File.Extension that does not equal (string comparison) PDF
A.
Use File.Extension that does not equal (string comparison) PDF
Answers
B.
Use File.Name contains PDF
B.
Use File.Name contains PDF
Answers
C.
Use File.Extension contains (general) PDF
C.
Use File.Extension contains (general) PDF
Answers
D.
Use File.Extension equals (string comparison) PDF
D.
Use File.Extension equals (string comparison) PDF
Answers
Suggested answer: D

Question 42

Report
Export
Collapse

Whar are possible war room result (entry) types?

A.
Context, file, error, image
A.
Context, file, error, image
Answers
B.
Note, indicator, error, image
B.
Note, indicator, error, image
Answers
C.
Video, file, error, image
C.
Video, file, error, image
Answers
D.
Note, file, error, image
D.
Note, file, error, image
Answers
Suggested answer: B

Question 43

Report
Export
Collapse

An engineer asked for a specific command in an integration but the capability does not exist. The engineer decided to edit the existing integration by copying the integration and adding the needed commands.

What is the main concern when adding these commands?

A.
The commands must return a proper result to the war room for the analysts to understand
A.
The commands must return a proper result to the war room for the analysts to understand
Answers
B.
The code may not be written to XSOAR standards
B.
The code may not be written to XSOAR standards
Answers
C.
The integrations are locked and cannot be edited with additional commands
C.
The integrations are locked and cannot be edited with additional commands
Answers
D.
The custom integration will not be maintained and updated by XSOAR content team
D.
The custom integration will not be maintained and updated by XSOAR content team
Answers
Suggested answer: D

Question 44

Report
Export
Collapse

How is data transferred between playbook tasks?

A.
Read/Write from context data
A.
Read/Write from context data
Answers
B.
Over war room results
B.
Over war room results
Answers
C.
Input from the indicator page
C.
Input from the indicator page
Answers
D.
Directly from a previous task
D.
Directly from a previous task
Answers
Suggested answer: A

Question 45

Report
Export
Collapse

A large number of incidents were deleted by mistake.

Which two architecture components can be used to recover the lost data? (Choose two.)

A.
Live backup
A.
Live backup
Answers
B.
Engine
B.
Engine
Answers
C.
Distributed database
C.
Distributed database
Answers
D.
Local backup
D.
Local backup
Answers
Suggested answer: A, D

Explanation:

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-6/cortex-xsoar-admin/disaster-recoveryand-live-backup/backup-the-database.html

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoaradmin/disaster-recovery- and-live-backup/disaster-recovery-and-backup-overview.html

Question 46

Report
Export
Collapse

Which two statements accurately describe layouts? (Choose two.)

A.
Layouts override classification and mapping
A.
Layouts override classification and mapping
Answers
B.
New tabs can be added to the incident layout
B.
New tabs can be added to the incident layout
Answers
C.
Layouts can display incident information and custom fields
C.
Layouts can display incident information and custom fields
Answers
D.
Layouts add or remove custom fields from an incident type
D.
Layouts add or remove custom fields from an incident type
Answers
Suggested answer: B, C

Question 47

Report
Export
Collapse

An engineer’s organization system is registered in the following manner: <SiteName-SystemIDUsername>.

The engineer created a new indicator type for detecting systems using regex. The engineer would now like the username to be created as a separate ‘User’ indicator automatically once a system is found.

What is the most efficient way for the engineer to achieve this?

A.
Create a custom indicator field named ‘username’ and link it to the internal system indicator
A.
Create a custom indicator field named ‘username’ and link it to the internal system indicator
Answers
B.
Change the reputation command for the internal system indicator type
B.
Change the reputation command for the internal system indicator type
Answers
C.
Create a new indicator type of the internal username and set a formatting script to extract only the username
C.
Create a new indicator type of the internal username and set a formatting script to extract only the username
Answers
D.
Create a new indicator type of the internal username and have the regex included on any string that has dash at the beginning
D.
Create a new indicator type of the internal username and have the regex included on any string that has dash at the beginning
Answers
Suggested answer: C

Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-threat-intelmanagement-guide/manage-indicators/understand-indicators/indicator-types/indicator-typeprofile

Question 48

Report
Export
Collapse

Which two options are the most effective for moving content between two environments? (Choose two.)

A.
Remote repository based content sharing
A.
Remote repository based content sharing
Answers
B.
UI based content import/export button
B.
UI based content import/export button
Answers
C.
Copy the content backup from one environment file system (/var/lib/demisto/backup/contentbackup-*) and move it to the other environment
C.
Copy the content backup from one environment file system (/var/lib/demisto/backup/contentbackup-*) and move it to the other environment
Answers
D.
Download the content items separately and upload them to the other environment
D.
Download the content items separately and upload them to the other environment
Answers
Suggested answer: A, B

Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoaradmin/manage-data/ migrate-data-to-another-server-for-multi-tenant.html

Question 49

Report
Export
Collapse

Which three options can be defined in the layout settings? (Choose three.)

A.
Set of fields to present
A.
Set of fields to present
Answers
B.
Permission to view the tab based on ‘Users’
B.
Permission to view the tab based on ‘Users’
Answers
C.
Permission to view the tab based on ‘Roles’
C.
Permission to view the tab based on ‘Roles’
Answers
D.
Delete built-in tabs including the war room
D.
Delete built-in tabs including the war room
Answers
E.
Dynamic sections
E.
Dynamic sections
Answers
Suggested answer: A, C, E

Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoaradmin/incidents/customize- incident-view-layouts/customize-incident-layouts.html

Question 50

Report
Export
Collapse

What can be used as integration parameters?

A.
URL, API key, port
A.
URL, API key, port
Answers
B.
URL, certificate, image
B.
URL, certificate, image
Answers
C.
Token, query, playbook
C.
Token, query, playbook
Answers
D.
User-password, csv file, query
D.
User-password, csv file, query
Answers
Suggested answer: A
Total 157 questions
Go to page: of 16
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms