Palo Alto Networks
PCSAE
Q1:
In order to automatically run a playbook on the indicators fetched by an integration, what would an XSOAR Administrator setup?
○
A
Cron job○
B
Time triggered job○
C
Feed triggered job○
D
REST API job
Palo Alto Networks
PCSAE
Q2:
Which field type should be used to hold more than 60,000 characters of unformatted text?
○
A
Short Text○
B
HTML○
C
Long Text○
D
Markdown
Palo Alto Networks
PCSAE
Q3:
A Cortex XSOAR Administrator is tasked with building a button for an analyst in order for the analyst to be assigned to the incident as an owner. What is the process?
○
A
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with no argument○
B
Edit the incident layout to add a new button that calls the AssignToMeButton automation with argument assignBy={me}○
C
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument owner={me}○
D
Edit the incident layout to add a new button that calls the AssignAnalystToIncident automation with argument assignBy=current
Palo Alto Networks
PCSAE
Q4:
Which of the following are valid methods to contribute custom content? (Choose three.)
☐
A
Submit content directly through feature requests☐
B
Private GitHub repository submission for premium content☐
C
A Github pull request on the public XSOAR Content Repository☐
D
Using the marketplace interface to upload the content☐
E
Using the content submission tool on live.paloaltonetworks.com
Palo Alto Networks
PCSAE
Q5:
A SOC analyst needs to retrieve the list of all open phishing incidents in the last 30 days. What is the correct query to use?
○
A
-status:closed -category:job type:Phishing created:>='30 days ago'○
B
status:closed -category:job & type:Phishing created:>='30 days ago'○
C
-status:closed -category:job & type:Phishing created:<='30 days ago'○
D
-status:closed -category:job type:Phishing created:='30 days ago'