ExamGecko
Login
Home / Palo Alto Networks / PCSAE / List of questions
Ask Question

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 5

Add to Whishlist

List of questions

Question 41

Report Export Collapse

What is the correct expression to use when filtering only PDF files?

Use File.Extension that does not equal (string comparison) PDF
Use File.Extension that does not equal (string comparison) PDF
Use File.Name contains PDF
Use File.Name contains PDF
Use File.Extension contains (general) PDF
Use File.Extension contains (general) PDF
Use File.Extension equals (string comparison) PDF
Use File.Extension equals (string comparison) PDF
Suggested answer: D
asked 23/09/2024
Bates, Michael
43 questions

Question 42

Report Export Collapse

Whar are possible war room result (entry) types?

Context, file, error, image
Context, file, error, image
Note, indicator, error, image
Note, indicator, error, image
Video, file, error, image
Video, file, error, image
Note, file, error, image
Note, file, error, image
Suggested answer: B
asked 23/09/2024
Miles Greenyer
43 questions

Question 43

Report Export Collapse

An engineer asked for a specific command in an integration but the capability does not exist. The engineer decided to edit the existing integration by copying the integration and adding the needed commands.

What is the main concern when adding these commands?

The commands must return a proper result to the war room for the analysts to understand
The commands must return a proper result to the war room for the analysts to understand
The code may not be written to XSOAR standards
The code may not be written to XSOAR standards
The integrations are locked and cannot be edited with additional commands
The integrations are locked and cannot be edited with additional commands
The custom integration will not be maintained and updated by XSOAR content team
The custom integration will not be maintained and updated by XSOAR content team
Suggested answer: D
asked 23/09/2024
Rico Banagale
44 questions

Question 44

Report Export Collapse

How is data transferred between playbook tasks?

Read/Write from context data
Read/Write from context data
Over war room results
Over war room results
Input from the indicator page
Input from the indicator page
Directly from a previous task
Directly from a previous task
Suggested answer: A
asked 23/09/2024
Leandra Felipe
43 questions

Question 45

Report Export Collapse

A large number of incidents were deleted by mistake.

Which two architecture components can be used to recover the lost data? (Choose two.)

Live backup
Live backup
Engine
Engine
Distributed database
Distributed database
Local backup
Local backup
Suggested answer: A, D
Explanation:

https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-6/cortex-xsoar-admin/disaster-recoveryand-live-backup/backup-the-database.html

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoaradmin/disaster-recovery- and-live-backup/disaster-recovery-and-backup-overview.html

asked 23/09/2024
Eric Swisher
43 questions

Question 46

Report Export Collapse

Which two statements accurately describe layouts? (Choose two.)

Layouts override classification and mapping
Layouts override classification and mapping
New tabs can be added to the incident layout
New tabs can be added to the incident layout
Layouts can display incident information and custom fields
Layouts can display incident information and custom fields
Layouts add or remove custom fields from an incident type
Layouts add or remove custom fields from an incident type
Suggested answer: B, C
asked 23/09/2024
ALAEDDINE BENMAKHLOUF
54 questions

Question 47

Report Export Collapse

An engineer’s organization system is registered in the following manner: <SiteName-SystemIDUsername>.

The engineer created a new indicator type for detecting systems using regex. The engineer would now like the username to be created as a separate β€˜User’ indicator automatically once a system is found.

What is the most efficient way for the engineer to achieve this?

Create a custom indicator field named β€˜username’ and link it to the internal system indicator
Create a custom indicator field named β€˜username’ and link it to the internal system indicator
Change the reputation command for the internal system indicator type
Change the reputation command for the internal system indicator type
Create a new indicator type of the internal username and set a formatting script to extract only the username
Create a new indicator type of the internal username and set a formatting script to extract only the username
Create a new indicator type of the internal username and have the regex included on any string that has dash at the beginning
Create a new indicator type of the internal username and have the regex included on any string that has dash at the beginning
Suggested answer: C
Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-threat-intelmanagement-guide/manage-indicators/understand-indicators/indicator-types/indicator-typeprofile

asked 23/09/2024
Konstantinos Lagoudakis
34 questions

Question 48

Report Export Collapse

Which two options are the most effective for moving content between two environments? (Choose two.)

Remote repository based content sharing
Remote repository based content sharing
UI based content import/export button
UI based content import/export button
Copy the content backup from one environment file system (/var/lib/demisto/backup/contentbackup-*) and move it to the other environment
Copy the content backup from one environment file system (/var/lib/demisto/backup/contentbackup-*) and move it to the other environment
Download the content items separately and upload them to the other environment
Download the content items separately and upload them to the other environment
Suggested answer: A, B
Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoaradmin/manage-data/ migrate-data-to-another-server-for-multi-tenant.html

asked 23/09/2024
Roman Flores
38 questions

Question 49

Report Export Collapse

Which three options can be defined in the layout settings? (Choose three.)

Set of fields to present
Set of fields to present
Permission to view the tab based on β€˜Users’
Permission to view the tab based on β€˜Users’
Permission to view the tab based on β€˜Roles’
Permission to view the tab based on β€˜Roles’
Delete built-in tabs including the war room
Delete built-in tabs including the war room
Dynamic sections
Dynamic sections
Suggested answer: A, C, E
Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoaradmin/incidents/customize- incident-view-layouts/customize-incident-layouts.html

asked 23/09/2024
Vaniko Batiashvili
34 questions

Question 50

Report Export Collapse

What can be used as integration parameters?

URL, API key, port
URL, API key, port
URL, certificate, image
URL, certificate, image
Token, query, playbook
Token, query, playbook
User-password, csv file, query
User-password, csv file, query
Suggested answer: A
asked 23/09/2024
Aneez vezhappilly
38 questions
Total 157 questions
Go to page: of 16
Open VPLUS File
Convert VPLUS to PDF

Related questions

Incidents need to be filtered by all of the following criteria:
On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
A playbook task generates a report as HTML in the context data. An engineer creates a custom indicator field of type "HTML" and adds the field to a section in a custom indicator layout. How can the engineer populate the HTML field in the indicator layout?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Newly created subplaybooks do not have any inputs, or outputs. What is necessary to make them functional? (Choose two.)
During configuration of the inputs of a sub-playbook in the main playbook, there is an option under the Loop tab called "For Each Input". What is this option used to?
An engineer wants to customize the regex for the default IP indicator type. How can this change be implemented?
After enriching a username using Active Directory, an engineer would like to send an email to the user’s manager. However, this functionality is not part of the command output. The engineer checks with raw- response=true and notices that the manager’s email is returned, but not saved in the context. How can the engineer save the data so it will be accessible?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)