Guide (Latest 2023): Actual Palo Alto Networks PCSAE Exam Questions [Q88-Q106]


Pass with the PCSAE exam question set: verified exam questions updated for 2023


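This exam is administered by Palo Alto Networks, a leading provider of security solutions. Palo Alto Networks has a reputation for delivering high-quality security solutions used by organizations around the world. The PCSAE certification reflects the company's commitment to delivering high-quality security solutions and the importance of security automation in today's fast-moving digital world.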

 

Question # 88
Which task type would be used to verify/check that an integration was enabled?

  • A. Conditional task
  • B. Standard task
  • C. Data Collection task
  • D. Section Header task

Correct answer: C


Question # 89
Match the action with the most appropriate playbook task type.

Correct answer:

Explanation:

https://www.jaacostan.com/2021/02/palo-alto-cortex-xsoar-playbook-icons.html


Question # 90
What are two common use cases for conditional tasks? (Choose two.)

  • A. They are used for sending a specific question to a person or team
  • B. They are used to determine which incident will be executed
  • C. They are used to interact with users through survey functionality
  • D. They are used for branching paths in a playbook

Correct answer: B, D


Question # 91
When developing the playbook, which of the following can be used by an XSOAR Administrator?

  • A. Debugger panel and XML data from a similar incident with New Mock Incident. This will not affect the incident's original incident data.
  • B. The Debugger panel to test data with one of the last fifty incidents. This will not affect the incident's original incident data.
  • C. Context data from existing incidents by exporting the YAML data from incidents and importing it to playbook editor.
  • D. The Debugger panel to test data with one of the last five incidents. This will affect the incident's original incident data.

Correct answer: A


Question # 92
Can an automation script execute an integration command and an integration command execute an automation script?

  • A. An automation script cannot execute an integration command and an integration command can execute an automation script
  • B. An automation script cannot execute an integration command and an integration command cannot execute an automation script
  • C. An automation script can execute an integration command and an integration command can execute an automation script
  • D. An automation script can execute an integration command and an integration command cannot execute an automation script

Correct answer: D


Question # 93
Newly created subplaybooks do not have any inputs or outputs. What is necessary to make them functional? (Choose two.)

  • A. Open the subplaybook and add inputs or outputs in the Playbook triggered task.
  • B. Map inputs and outputs to the parent playbook and the subplaybook will use the same values.
  • C. The output of the previous task automatically becomes the input of the subplaybook.
  • D. Define input key in the subplaybook task. Map context values to pull from parent playbook.

Correct answer: A, D


Question # 94
An XSOAR engineer has been tasked with exporting all indicators from the production environment in the last 90 days. The final report needs to be in CSV format containing all indicator fields. How can this task be achieved?

  • A. Run the command !findIndicators in CLI with the query firstSeen:>="90 days ago" and export to CSV.
  • B. SSH into the server and copy the indicator's database.
  • C. Run the command !GetIndicatorsByQuery in CLI with its default arguments and export all indicators in the last 90 days.
  • D. In the Threat Intel page, add query firstSeen:>="90 days ago", select All columns in Table View, and click Export to export as a CSV.

Correct answer: D


Question # 95
How can Cortex XSOAR administrators prevent junior analysts from viewing a senior analyst dashboard?

  • A. Share the dashboard in Read & Edit mode for senior analysts and Read Only for junior analysts.
  • B. Share the dashboard in Read Only mode for junior analysts and senior analysts.
  • C. Share the dashboard in Read and Write mode for senior analysts.
  • D. Share the dashboard in Read and Edit mode for senior analysts.

Correct answer: A


Question # 96
Where can engineers add the post-processing scripts to incidents?

  • A. Post-processing scripts must be added from the Incident Type editor
  • B. Post-processing scripts must be added from the Post-Process Rules editor
  • C. Post-processing scripts must be added at the end of playbooks
  • D. The post-processing tag must be added to the automation

Correct answer: A


Question # 97
Which two components have their own context data? (Choose two.)

  • A. Sub-playbook
  • B. Field
  • C. Task
  • D. Incident

Correct answer: A, D


Question # 98
Multiple company assets were reported by vulnerability scanners as being vulnerable to CVE-2017-11882. This vulnerability affects applications installed on workstations. The SOC team needs to take action and apply the new vulnerability patch that was just released. The team must first create a case for each of the identified assets in ServiceNow IT Service Management (ITSM), in order to notify the IT department. Next, the team creates a task in the main playbook, which extracts the list of assets from the scanner report.
After the list of assets is created, what are the two solutions that the SOC team could take so that a case could be created and a patch installed? (Choose two.)

  • A. Set a key for storing the iteration number and create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Exit condition: iterator equal to count of the number of items in the list) and perform the following tasks:
    - Increase the iterator value by one each time
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
  • B. Create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Condition: AreValuesEqual - Exit on yes - left:1, right 1) and perform the following tasks:
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent
  • C. Set a key for storing the iteration number and create a sub-playbook with a single input containing the computer names that will loop until the last item from the asset list (Exit condition: iterator contains the count of the number of items in the list) and perform the following tasks:
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent
  • D. Create a sub-playbook with a single input containing the computer names that will loop 'For Each Input' and perform the following tasks:
    - Active Directory User Enrichment based on the computerName
    - Create the ServiceNow Record by adding the enrichment information
    - Mark the ticket severity as Urgent

Correct answer: A, D

Explanation:
- Mark the ticket severity as Urgent


Question # 99
Match the operations with the appropriate context.

Correct answer:

Explanation:


Question # 100
What is the correct expression to use when filtering only PDF files?

  • A. Use File.Extension contains (general) PDF
  • B. Use File.Extension that does not equal (string comparison) PDF
  • C. Use File.Extension equals (string comparison) PDF
  • D. Use File.Name contains PDF

Correct answer: D


Question # 101
An engineer notices that playbooks only start once the user clicks the 'investigate' button and he/she would like the playbook to start automatically.
How can this be implemented?

  • A. Add the !startinvestigation automation to the beginning of the playbook
  • B. Select 'Run playbook automatically' from the incident type settings
  • C. Select 'Run playbook automatically' from the integration settings
  • D. Add the playbook to the integration's settings

Correct answer: D


Question # 102
An administrator wants to run an automation in the War Room to set the incident field "Description" to "Confirmed Phishing". Which command should they enter in the War Room CLI?

  • A. !incidentSet description="Confirmed Phishing"
  • B. /setIncident description=Confirmed Phishing
  • C. /incidentSet description=Confirmed Phishing
  • D. !setIncident description="Confirmed Phishing"

Correct answer: A


Question # 103
You need to retrieve a list of all malicious hashes over the last 30 days. What is the correct query to use?

  • A. type:File verdict:Malicious sourcetimestamp:>="30 days ago"
  • B. type:File reputation:Malicious sourcetimestamp:"30 days ago"
  • C. type:File verdict:Malicious sourcetimestamp:<="30 days ago"
  • D. type:File reputation:Malicious sourcetimestamp:="30 days ago"

Correct answer: B


Question # 104
When creating an automation in XSOAR, what is the best way to create a log message?

  • A. Using the demisto.results() function
  • B. Using a debug statement
  • C. Using a print statement
  • D. Using the demisto.debug() function

Correct answer: D


Question # 105
When mapping incoming data to incident fields, which statement is correct?

  • A. Data that is not mapped is placed under labels
  • B. Every incoming field must be mapped
  • C. Only text fields are classified
  • D. Classification cannot be used if mapping is enabled

Correct answer: B


Question # 106
......


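The PCSAE certification is intended for security professionals who want to improve their security automation skills. Candidates who pass the exam are recognized as experts in the field of security automation and are able to design, develop, and maintain complex security automation solutions.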

 

Free quiz with a pass guarantee, latest 2023 Palo Alto Networks questions confirmed to appear on the actual exam: https://www.goshiken.com/Palo-Alto-Networks/PCSAE-mondaishu.html