Summer Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ecus65

Paloalto Networks PCSAE - Palo Alto Networks Certified Security Automation Engineer

Paloalto Networks PCSAE Premium Access     Download Demo    
Page: 4 / 5
Total 156 questions

Which two advanced attributes can be applied to incident fields when editing? (Choose two.)

A.

Set a field trigger script

B.

Associate to an incident type

C.

Change field type

D.

Change field name

Which two capabilities do Automation script settings include? (Choose two.)

A.

Define ‘parameters’

B.

Correlate to incident types

C.

Define ‘outputs’

D.

Set password protection

An administrator wants to run an automation in the War Room to set the incident field "Description" to "Confirmed Phishing". Which command should they enter in the War Room CLI?

A.

!incidentSet description="Confirmed Phishing"

B.

/incidentSet description=Confirmed Phishing

C.

!setIncident description="Confirmed Phishing"

D.

/setIncident description=Confirmed Phishing

An engineer would like to change an incident’s SLA according to the severity field changes. How can the engineer achieve this task?

A.

Use a field trigger script

B.

Use a field display script

C.

Create a job that queries for incident severity changes

D.

Change the SLA manually every time the severity changes

Which of the following is a prerequisite to editing out-of-the-box (OOTB) content?

A.

Download the content from the Marketplace.

B.

Go to Settings > About >Troubleshooting and set a flag to allow custom content.

C.

Register a user account with support.paloaltonetworks.com .

D.

Detach the content item you want to edit from the Marketplace.

Which two solutions are available to scale an overloaded XSOAR environment? (Choose two.)

A.

Add a distributed database server

B.

Add an indexing server

C.

Add a live backup server (disaster recovery)

D.

Add an engine

What is an example of a generic reputation command?

A.

!ip

B.

!getReputation

C.

!reputation

D.

!enrichIndicator

After enriching a username using Active Directory, an engineer would like to send an email to the user’s manager. However, this functionality is not part of the command output. The engineer checks with raw- response=true and notices that the manager’s email is returned, but not saved in the context.

How can the engineer save the data so it will be accessible?

A.

Mark ignore output = true

B.

Use extend-context

C.

Use raw-response = save

D.

Mark ignore input = true

Threat Intel search queries can be shared with which of the following? (Select 1)

A.

Users defined in the platform (email or username)

B.

Other organizations via the Marketplace

C.

Users outside XSOAR via email invite

D.

Roles defined in the platform

When creating an incident layout section, it is best to place long field values within which of the following?

A.

Section headers

B.

Rows

C.

Canvas

D.

Cards