XSOAR-Engineer試験無料問題集（206題）「Palo Alto Networks XSOAR Engineer 認定」

出題：1

How long is the trial period for paid content packs?

A. 60 days

B. 30 days

C. 7 days

D. 14 days

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

A playbook loop that interacts with Active Directory for user details (yielding extensive data) is altered to extract newly acquired indicators of compromise (IOCs). This change results in two critical issues:
* Rate limits being hit on integrated reputation services
* Incidents associated with hundreds of indicators
Given the settings below, what would prevent the issues in this use case?
Incident Type: AD-Analysis -
Extract Indicators on Incident Creation: Use System Default (None)
Extract Indicators on Field Change: Inline
Task 1: ad-get-user -
Mark results as note: False -
Indicator Extract Mode: Inline -
Quiet Mode: False -
Task 2: ad-disable-account -
Mark results as note: True -
Indicator Extract Mode: None -
Quiet Mode: True -
Task 3: servicenow-update-ticket -
Mark results as note: False -
Indicator Extract Mode: Use System Default
Quiet Mode: False

A. Set ad-get-user indicator extraction mode to None.

B. Set AD-Analysis incident creation extraction to "Extract specific indicators."

C. Set servicenow-update-ticket indicator extraction mode to Inline.

D. Disable the feature that allows marking task outputs as notes.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Which two capabilities do Automation script settings include? (Choose two.)

A. Define 'parameters'

B. Correlate to incident types

C. Set password protection

D. Define 'outputs'

正解：C,D 解答を投票する

出題：4

In order to automatically run a playbook on the indicators fetched by an integration, what would an XSOAR Administrator setup?

A. REST API job

B. Cron job

C. Feed triggered job

D. Time triggered job

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Assuming an incident type configuration runs the associated playbook automatically, which pre-process rule action can preserve matching incidents without triggering the playbook?.

A. Link.

B. Drop.

C. Update.

D. Close.

正解：A 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Which configuration is a valid distributed database (DB) implementation?

A. 2 main DBs, 1 application server, 2 node servers

B. 2 application servers, 1 main DB, 1 node server

C. 1 main DB, 1 application server, 3 node servers

D. 1 application server, 2 main DBs, 1 node server

正解：C 解答を投票する

出題：7

Which of the following are valid methods to contribute custom content? (Choose three.)

A. Private GitHub repository submission for premium content

B. Submit content directly through feature requests

C. Using the marketplace interface to upload the content

D. Using the content submission tool on live.paloaltonetworks.com

E. A Github pull request on the public XSOAR Content Repository

正解：C,D,E 解答を投票する

出題：8

Where can engineers add the post-processing scripts to incidents?

A. The post-processing tag must be added to the automation

B. Post-processing scripts must be added from the Post-Process Rules editor

C. Post-processing scripts must be added from the Incident Type editor

D. Post-processing scripts must be added at the end of playbooks

正解：C 解答を投票する

出題：9

Which two reasons would lead an engineer to create a custom widget? (Choose two.)

A. To visualize a custom query

B. To visualize XSOAR list data

C. To visualize complex incident data calculations

D. To visualize context data

E. To visualize server configuration keys

正解：A,D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：10

Within the playbook editor, which function allows a user to associate a task output to an incident field?.

A. Mapping.

B. Extend context.

C. Inputs.

D. Classification.

正解：B 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：11

What happens if both a Classifier and Incident Type are configured in an integration instance's settings?

A. The administrator will receive a notification that there is both a Classifier and Incident Type set for that integration instance.

B. The Classifier will be ignored, and incoming incidents will be classified according to the Incident Type.

C. The Incident Type will be ignored, and incoming incidents will be classified according to the Classifier.

D. Both the Classifier and Incident Type will classify incoming incidents.

正解：D 解答を投票する

XSOAR-Engineer試験無料問題集「Palo Alto Networks XSOAR Engineer 認定」