PCSAE MCQs and Practice Test

PCSAE MCQs

PCSAE TestPrep PCSAE Study Guide PCSAE Practice Test PCSAE Exam Questions

killexams.com Palo-Alto PCSAE

Palo Alto Networks Certified Security Automation Engineer

https://killexams.com/pass4sure/exam-detail/PCSAE

Question: 455

An engineer would like to change an incident’s SLA according to the severity field changes . How can the engineer achieve this task?

1. Use a field trigger script

2. Use a field display script

3. Create a job that queries for incident severity changes

4. Change the SLA manually every time the severity changes

Answer: B Explanation:

Reference: https://xsoar.pan.dev/docs/incidents/incident-fields

Question: 456

What are two common use cases for conditional tasks? (Choose two.)

1. They are used for branching paths in a playbook

2. They are used to interact with users through survey functionality

3. They are used to determine which incident will be executed

4. They are used for sending a specific QUESTION NO: to a person or team

Answer: A,C Explanation:

Reference: https://docs-new.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/cortex-xsoar- overview/use-cases.html#id7b31e50b-5aca-4d65-bdb5-ba61b4eac0b4

Question: 457

In which two scenarios would it be appropriate to implement a loop for a sub-playbook? (Choose two.)

1. In repetitive process flows to iterate for each playbook input

2. When continuously ingesting incidents from third-party systems

3. In repetitive process flows with no more than 10 loops

4. In repetitive processes that requires sub-playbook re-execution

Answer: A,B

Question: 458

Which two statements describe how timers are configured to start and stop automatically in a playbook? (Choose two.)

1. Use a field of Number to count the number of seconds elapsed between two tasks

2. After the playbook has run, calculate the total time taken and set the timer field with this value

3. To begin counting time taken, add a task in the playbook with automation startTimer. To end the counting, add a task with automation stopTimer

4. From the Timers tab of the playbook task, choose the action for the timer and the timer field to perform the action on

Answer: B,D

Question: 459 DRAG DROP

Arrange these steps in the order that they occur during an incident fetch.

Answer:

Question: 460

DRAG DROP

Match the action with the most appropriate playbook task type.

Answer:

Explanation:

https://www.jaacostan.com/2021/02/palo-alto-cortex-xsoar-playbook-icons.html

Question: 461

A large number of incidents were deleted by mistake.

Which two architecture components can be used to recover the lost data? (Choose two.)

1. Live backup

2. Engine

3. Distributed database

4. Local backup

Answer: A,B Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/disaster-recovery-and-live- backup/disaster-recovery-and-backup-overview.html

Question: 462

Which three options can be defined in the layout settings? (Choose three.)

1. Set of fields to present

2. Permission to view the tab based on ‘Users’

3. Permission to view the tab based on ‘Roles’

4. Delete built-in tabs including the war room

5. Dynamic sections

Answer: A,C,E Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-1/cortex-xsoar-admin/incidents/customize- incident-view-layouts/customize-incident-layouts.html

Question: 463

What is the default task type when creating an empty task?

1. Standard (Manual)

2. Conditional

3. Section header

4. Standard (Automated)

Answer: B Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/playbooks/playbook- tasks/playbook-task-fields.html

Question: 464

In which two locations can filters and transformers be used in XSOAR? (Choose two.)

1. Classification and Mapping

2. Playbook Tasks

3. Evidence Fields

4. Incident Fields

Answer: B,D Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/playbooks/filters-and- transformers.html

Question: 465

Which three statements are true about the Marketplace? (Choose three.)

1. Allows reverting back to a previous version of a content pack

2. Enables users to participate in the community by sharing content

3. Publishes content without additional review from the Cortex XSOAR team

4. Allows uploading of content in additional languages

5. Offers granularity in installation through content packs

Which two statements accurately describe layouts? (Choose two.)

1. Layouts override classification and mapping

2. New tabs can be added to the incident layout

3. Layouts can display incident information and custom fields

4. Layouts add or remove custom fields from an incident type

Answer: B,C

Question: 467

What are three different loop types in a playbook? (Choose three.)

1. Automation

2. Built-in

3. Data collection

4. Conditional

5. For-each

Answer: C,D,E

Question: 468

Which built-in automation/command cab be used to change an incident’s type?

1. setIncident

2. Set

3. GetFieldsByIncidentType

4. modifyIncidentFields

Answer: A Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/5-5/cortex-xsoar-admin/incidents/incidents- management/incident-fields/field-trigger-scripts.html

Question: 469

Which two components have their own context data? (Choose two.)

1. Sub-playbook

2. Task

3. Field

4. Incident

Which two capabilities do Automation script settings include? (Choose two.)

1. Define ‘parameters’

2. Correlate to incident types

3. Define ‘outputs’

4. Set password protection

Answer: B,D

Question: 471

Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)

1. Python

2. Perl

3. Go

4. JavaScript

5. Powershell

Answer: A,D,E Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/playbooks/automations.html

Question: 472

In which two options can an automation script be executed? (Choose two.)

1. Engine

2. Integration

3. War room

4. Playbook

Answer: C,D Explanation:

Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/playbooks/automations.html

KILLEXAMS.COM

Killexams.com is a leading online platform specializing in high-quality certification exam preparation. Offering a robust suite of tools, including MCQs, practice tests, and advanced test engines, Killexams.com empowers candidates to excel in their certification exams. Discover the key features that make Killexams.com the go-to choice for exam success.

Exam Questions:

Killexams.com provides exam questions that are experienced in test centers. These questions are updated regularly to ensure they are up-to-date and relevant to the latest exam syllabus. By studying these questions, candidates can familiarize themselves with the content and format of the real exam.

Exam MCQs:

Killexams.com offers exam MCQs in PDF format. These questions contain a comprehensive

collection of questions and answers that cover the exam topics. By using these MCQs, candidate can enhance their knowledge and improve their chances of success in the certification exam.

Practice Test:

Killexams.com provides practice test through their desktop test engine and online test engine. These practice tests simulate the real exam environment and help candidates assess their readiness for the actual exam. The practice test cover a wide range of questions and enable candidates to identify their strengths and weaknesses.

Guaranteed Success:

Killexams.com offers a success guarantee with the exam MCQs. Killexams claim that by using this materials, candidates will pass their exams on the first attempt or they will get refund for the purchase price. This guarantee provides assurance and confidence to individuals preparing for certification exam.

Updated Contents:

Killexams.com regularly updates its question bank of MCQs to ensure that they are current and reflect the latest changes in the exam syllabus. This helps candidates stay up-to-date with the exam content and increases their chances of success.