PCSAE Exam Dumps - Palo Alto Networks Certified Security Automation Engineer

Question # 4

Given an incident with three files, how could the name of the second file be referenced?

A. ${Files.[2].Name}

B. ${Files.Name.[2]}

C. ${File.[1].Name}

D. ${File.Name.[1]}

Question # 5

Which playbook will a job run by default?

A. The playbook assigned to the incident type

B. The playbook assigned to the indicator type

C. The playbook assigned during pre-processing

D. The playbook assigned by the integration

Question # 6

An administrator wants to run an automation in the War Room to set the incident field "Description" to "Confirmed Phishing". Which command should they enter in the War Room CLI?

A. !incidentSet description="Confirmed Phishing"

B. /incidentSet description=Confirmed Phishing

C. !setIncident description="Confirmed Phishing"

D. /setIncident description=Confirmed Phishing

Question # 7

Which two causes may be occurring if an integration test is working, but the integration is not fetching incidents? (Choose two.)

A. The ‘Fetches Incidents’ option may not have been enabled

B. There are no new events from the external service

C. The first fetch should be manually triggered to start the fetching process

D. It can take up to 1 hour before incidents are initially fetched

Question # 8

Which content type cannot be managed using remote repositories?

A. Lists

B. Jobs

C. Pre-processing rules

D. Exclusion List

Question # 9

When creating an automation in XSOAR, what is the best way to create a log message?

A. Using a debug statement

B. Using the demisto.debug() function

C. Using a print statement

D. Using the demisto.results() function

Question # 10

What are the out-of-the-box aggregate values that can be applied on widgets data?

A. Min, Max, Count, Average, Custom Transformers

B. Min, Max, Count, Average, Custom Group By

C. Count, Average, Sum, Min, Max

D. Count, Sum, Min, Max, Transformers

Question # 11

The XSOAR administrator is writing an automation and would like to return an error entry back into XSOAR if a particular command errors out. How can this be achieved?

A. Using the demisto_error() function

B. Using a print statement

C. Using the demisto.debug() function

D. Using the return_error() function

Question # 12

After enriching a username using Active Directory, an engineer would like to send an email to the user’s manager. However, this functionality is not part of the command output. The engineer checks with raw-response=true and notices that the manager’s email is returned, but not saved in the context.

How can the engineer save the data so it will be accessible?

A. Mark ignore output = true

B. Use extend-context

C. Use raw-response = save

D. Mark ignore input = true

Question # 13

During regular maintenance of XSOAR, a customer noticed that there was an update available for the Active Directory content pack (current version 1.4.6) and updated the content pack to the latest version (version 1.4.11). However, after the update, the customer noticed that the Active Directory Query integration is not working properly and asked you to resolve the issue.

Which of the following sets of steps can help to resolve the issue?

A. Navigate to Settings
   View the configured integrations and select Active Directory Authentication
   Delete all integration instances and add all integration instances again

B. Navigate to Marketplace
   View the installed content pack and select Active Directory content pack
   Select version 1.4.6 and click on "Revert to this version"

C. Navigate to Settings
   View the configured integrations and select Active Directory Query
   Delete all integration instances and add all integration instances again

D. Navigate to Marketplace
   View the installed content pack and select Active Directory content pack
   Click on uninstall content pack
   Navigate to Marketplace browser and reinstall the Active Directory content pack

Question # 14

An automation returned an output called: csvReport.

What filter would be used to check if the automation returned results?

A. Contains/Includes

B. Equals/Matches

C. In/In list

D. Is defined/Exist

Question # 15

How would context data be filtered to receive only malicious indicator values with DBotScore?

A. Get DBotScore.value where DBotScore.Score (Larger or equals) 4

B. Get DBotScore.value where DBotScore.Score (equals (int)) 3

C. Get DBotScore where DBotScore.Score (Larger than) 1

D. Get DBotScore where DBotScore.Score (Larger or equals) 2

Question # 16

Newly created subplaybooks do not have any inputs or outputs. What is necessary to make them functional? (Choose two.)

A. Define input key in the subplaybook task. Map context values to pull from parent playbook.

B. The output of the previous task automatically becomes the input of the subplaybook.

C. Map inputs and outputs to the parent playbook and the subplaybook will use the same values.

D. Open the subplaybook and add inputs or outputs in the Playbook triggered task.

Question # 17

Management would like to get an incident report automatically following an incident’s closure. How would this be accomplished?

A. Define a task in a playbook to generate an incident report before the closure occurs

B. Manually create an ‘Incident Report’

C. Configure post-processing using a script

D. Create an ‘Incident Report’ from the Reports page

Question # 18

Reliability scores in XSOAR range from A through F. What do A and F stand for?

A. F - Reliability cannot be judged, A - Completely Reliable

B. F - Not reliable, A - Usually Reliable

C. F - Not usually reliable, A - Fairly Reliable

D. F - Unreliable, A - Completely Reliable

Question # 19

What is the difference between labels and fields?

A. Fields can be used in playbooks and labels cannot

B. Fields are indexed in the database and labels are not

C. Labels can be used in queries and fields cannot

D. Labels are indexed in the database and fields are not

Question # 20

An engineer would like to change an incident’s SLA according to the severity field changes. How can the engineer achieve this task?

A. Use a field trigger script

B. Use a field display script

C. Create a job that queries for incident severity changes

D. Change the SLA manually every time the severity changes

Question # 21

An incident field is created with the display name Source_IP. How can the field be accessed?

A. ${incident.sourceip}

B. ${incident.Source_IP}

C. ${incident.srcip}

D. ${incident.Source IP}

Question # 22

A Cortex XSOAR Administrator is tasked with building a button for an analyst in order for the analyst to be assigned to the incident as an owner. What is the process?

A. Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with no argument

B. Edit the incident layout to add a new button that calls the AssignToMeButton automation with argument assignBy={me}

C. Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument owner={me}

D. Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument assignBy=current

Question # 23

What is the default task type when creating an empty task?

A. Standard (Manual)

B. Conditional

C. Section header

D. Standard (Automated)
