ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCSAE

Palo Alto Networks PCSAE Practice Test - Questions Answers, Page 7

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

On the System Diagnostics page, what is the default minimum size for a Work Plan to be considered big?
An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users. Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
Which of the following is a basic setting that can be configured in an automation?
What are two of the actions available on the Version History tab of a content pack in the marketplace? (Choose two.)
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?
Which development languages are supported when creating XSOAR automation scripts?
What is the default landing page for a new user in XSOAR?
Which configuration is a valid distributed database (DB) implementation?

Question 61

Report
Export
Collapse

Which two situations would an engineer consider when configuring classification and mapping for an incident type? (Choose two.)

A.
When creating incidents from the XSOAR REST API
A.
When creating incidents from the XSOAR REST API
Answers
B.
When manually creating an incident from the UI
B.
When manually creating an incident from the UI
Answers
C.
When adding a new analyst account to XSOAR
C.
When adding a new analyst account to XSOAR
Answers
D.
When fetching many different incident types from a single mailbox
D.
When fetching many different incident types from a single mailbox
Answers
Suggested answer: A, B

Question 62

Report
Export
Collapse

Which two options may be added when a content pack is being installed? (Choose two.)

A.
Lists
A.
Lists
Answers
B.
Roles
B.
Roles
Answers
C.
Other content packs
C.
Other content packs
Answers
D.
Indicator layouts
D.
Indicator layouts
Answers
Suggested answer: A, B

Question 63

Report
Export
Collapse

Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)

A.
Python
A.
Python
Answers
B.
Perl
B.
Perl
Answers
C.
Go
C.
Go
Answers
D.
JavaScript
D.
JavaScript
Answers
E.
Powershell
E.
Powershell
Answers
Suggested answer: A, D, E

Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoaradmin/playbooks/ automations.html

Question 64

Report
Export
Collapse

What are two primary uses of standard tasks? (Choose two.)

A.
To highlight different paths in a playbook
A.
To highlight different paths in a playbook
Answers
B.
To generate new widgets for a dashboard
B.
To generate new widgets for a dashboard
Answers
C.
To create an incident or escalate an existing incident
C.
To create an incident or escalate an existing incident
Answers
D.
To automate tasks such as parsing a file or enriching indicators
D.
To automate tasks such as parsing a file or enriching indicators
Answers
Suggested answer: C, D

Question 65

Report
Export
Collapse

An engineer would like to change an incident’s SLA according to the severity field changes. How can the engineer achieve this task?

A.
Use a field trigger script
A.
Use a field trigger script
Answers
B.
Use a field display script
B.
Use a field display script
Answers
C.
Create a job that queries for incident severity changes
C.
Create a job that queries for incident severity changes
Answers
D.
Change the SLA manually every time the severity changes
D.
Change the SLA manually every time the severity changes
Answers
Suggested answer: A

Explanation:

Reference: https://xsoar.pan.dev/docs/incidents/incident-fields

Question 66

Report
Export
Collapse

What are three different loop types in a playbook? (Choose three.)

A.
Automation
A.
Automation
Answers
B.
Built-in
B.
Built-in
Answers
C.
Data collection
C.
Data collection
Answers
D.
Conditional
D.
Conditional
Answers
E.
For-each
E.
For-each
Answers
Suggested answer: C, D, E

Question 67

Report
Export
Collapse

What are two common use cases for conditional tasks? (Choose two.)

A.
They are used for branching paths in a playbook
A.
They are used for branching paths in a playbook
Answers
B.
They are used to interact with users through survey functionality
B.
They are used to interact with users through survey functionality
Answers
C.
They are used to determine which incident will be executed
C.
They are used to determine which incident will be executed
Answers
D.
They are used for sending a specific
D.
They are used for sending a specific
Answers
Suggested answer: A, D

Explanation:

Reference: https://docs-new.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoaradmin/cortex-xsoar- overview/use-cases.html#id7b31e50b-5aca-4d65-bdb5-ba61b4eac0b4

Question 68

Report
Export
Collapse

An Engineer wants to filter a csvList value according to a dynamic value saved under the test context key.

Which three values would save the test context key? (Choose three.)

A.
Get csvList.value where csvList.value equals test [from previous tasks]
A.
Get csvList.value where csvList.value equals test [from previous tasks]
Answers
B.
Get csvList.value where csvList.value equals ${test} [from previous tasks]
B.
Get csvList.value where csvList.value equals ${test} [from previous tasks]
Answers
C.
Get csvList.value where csvList.value equals test {}[from previous tasks]
C.
Get csvList.value where csvList.value equals test {}[from previous tasks]
Answers
D.
Get csvList.value where csvList.value equals test [as value]
D.
Get csvList.value where csvList.value equals test [as value]
Answers
E.
Get csvList.value where csvList.value equals ${test} [as value]
E.
Get csvList.value where csvList.value equals ${test} [as value]
Answers
Suggested answer: A, B, E

Question 69

Report
Export
Collapse

An engineer wants to customize the regex for the default IP indicator type. How can this change be implemented?

A.
Create a new indicator type and disable the built-in IP indicator
A.
Create a new indicator type and disable the built-in IP indicator
Answers
B.
Edit the regex of the default IP Indicator
B.
Edit the regex of the default IP Indicator
Answers
C.
Add a new server configuration key that will overwrite the default regex of the IP indicator
C.
Add a new server configuration key that will overwrite the default regex of the IP indicator
Answers
D.
Delete the default IP indicator
D.
Delete the default IP indicator
Answers
Suggested answer: A

Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoaradmin/manage-indicators/ understand-indicators/indicator-types/indicator-type-profile.html

Question 70

Report
Export
Collapse

In which two scenarios would it be appropriate to implement a loop for a sub-playbook? (Choose two.)

A.
In repetitive process flows to iterate for each playbook input
A.
In repetitive process flows to iterate for each playbook input
Answers
B.
When continuously ingesting incidents from third-party systems
B.
When continuously ingesting incidents from third-party systems
Answers
C.
In repetitive process flows with no more than 10 loops
C.
In repetitive process flows with no more than 10 loops
Answers
D.
In repetitive processes that requires sub-playbook re-execution
D.
In repetitive processes that requires sub-playbook re-execution
Answers
Suggested answer: A, B
Total 157 questions
Go to page: of 16
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms