PCSAEブレーン問題集リアル試験最新問題2023年03月05日には158問題 [Q75-Q99]

PCSAEブレーン問題集リアル試験最新問題2023年03月05日には158問題

最新PCSAEのPDF問題集リアル無料テスト本日更新です

質問 75
When creating a new tab in the layout, which section cannot be added?

A. Incident team members
B. Retrieve widget chart based on script
C. Related incidents
D. War room entries picked by entry query

正解: B

質問 76
An engineer would like to add a custom field to the New Job form for a job triggered from a threat intel feed.
How would the engineer implement this?

A. The new job form changes based on the threat intel feed integration configuration
B. The new job form can be edited from the Indicator Feed incident type editor
C. The new job form for a threat intel feed job cannot be edited
D. The new job form can be edited from the threat intel feeds integration settings

正解: B

質問 77
What is the difference between labels and fields?

A. Labels are indexed in the database and fields are not
B. Fields are indexed in the database and labels are not
C. Fields can be used in playbooks and labels cannot
D. Labels can be used in queries and fields cannot

正解: D

質問 78
An engineer would like to present a trend using widgets to compare to a previous week's data. Which two methods will allow the engineer to meet the requirement? (Choose two.)

A. Create widget of type Line, check 'Display Trend' and define as 7 days ago
B. Create widget of type Number, check 'Display Trend' and define as 7 days ago
C. Create a custom widget using a new incident query
D. Create a custom widget using a script

正解: A,D

質問 79
An automation returned an output called: csvReport.
What filter would be used to check if the automation returned results?

A. In/In list
B. Contains/Includes
C. Equals/Matches
D. Is defined/Exist

正解: D

解説:
This filter will be used to check if the automation returned results, as it checks to see if the output variable called csvReport is defined and exists. If it is, then the automation returned results.

質問 80
An engineer notices that playbooks only start once the user clicks the 'investigate' button and he/she would like the playbook to start automatically.
How can this be implemented?

A. Add the playbook to the integration's settings
B. Select 'Run playbook automatically' from the integration settings
C. Select 'Run playbook automatically' from the incident type settings
D. Add the !startinvestigation automation to the beginning of the playbook

正解: C

質問 81
Which two advanced attributes can be applied to incident fields when editing? (Choose two.)

A. Change field name
B. Associate to an incident type
C. Change field type
D. Set a field trigger script

正解: B,D

質問 82
Match the action with the most appropriate playbook task type.

正解:

解説:

Explanation

https://www.jaacostan.com/2021/02/palo-alto-cortex-xsoar-playbook-icons.html

質問 83
In which two ways can data be transferred between playbooks and sub-playbooks? (Choose two.)

A. Through integration context
B. Inputs and outputs
C. From context data, if context is shared globally
D. Automatically extracted by sub-playbooks

正解: B,C

質問 84
Which three options can be defined in the layout settings? (Choose three.)

A. Permission to view the tab based on 'Users'
B. Delete built-in tabs including the war room
C. Permission to view the tab based on 'Roles'
D. Dynamic sections
E. Set of fields to present

正解: C,D,E

質問 85
Which of these would be the most operationally efficient repository for moving XSOAR custom content from a development server to a production environment?

A. The development server's default repository
B. Cortex XSOAR public content repository
C. Remote git repository specified in the dev-prod configuration parameters
D. A content repository specified in the Marketplace

正解: C

質問 86
Which two capabilities do Automation script settings include? (Choose two.)

A. Set password protection
B. Define 'outputs'
C. Define 'parameters'
D. Correlate to incident types

正解: A,B

質問 87
Given an incident with three files, how could the name of the second file be referenced?

A. ${File.Name.[1]}
B. ${Files.Name.[2]}
C. ${File.[1].Name}
D. ${Files.[2].Name}

正解: B

質問 88
What is the most effective way to correlate multiple raw events coming from a SIEM and link them together?

A. Process all alerts by running the respective playbook and link related incidents during post-processing
B. Ingest all raw events, run a custom script to find the relationship between them and proceed to link them together
C. Configure a pre-process rule to link related events as they are ingested
D. Manually go through the incidents created by the raw events and link related incidents

正解: C

質問 89
When mapping incoming data to incident fields, which statement is correct?

A. Only text fields are classified
B. Every incoming field must be mapped
C. Data that is not mapped is placed under labels
D. Classification cannot be used if mapping is enabled

正解: B

質問 90
During configuration of the inputs of a sub-playbook in the main playbook, there is an option under the Loop tab called "For Each Input". What is this option used to?

A. To loop the sub-playbook over all the fields marked as important
B. To loop the sub-playbook over all context values present in the investigation
C. To loop the sub-playbook over all incident fields for the given incident
D. To loop the sub-playbook over all defined sub-playbook inputs

正解: D

質問 91
Given an incident with three files, how could the name of the second file be referenced?

A. ${File.Name.[1]}
B. ${File.[1].Name}
C. ${Files.[2].Name}
D. ${Files.Name.[2]}

正解: A

質問 92
Which three support types are included in the Marketplace Content Packs? (Choose three.)

A. Partner supported
B. Contex XSOAR supported
C. Community supported
D. Customer supported
E. Prisma Cloud supported

正解: A,B,C

質問 93
Can an automation script execute an integration command and an integration command execute an automation script?

A. An automation script can execute an integration command and an integration command cannot execute an automation script
B. An automation script cannot execute an integration command and an integration command can execute an automation script
C. An automation script cannot execute an integration command and an integration command cannot execute an automation script
D. An automation script can execute an integration command and an integration command can execute an automation script

正解: A

質問 94
Reliability scores in XSOAR range from A through F. What do A and F stand for?

A. F - Not usually reliable, A - Fairly Reliable
B. F - Reliability cannot be judged, A - Completely Reliable
C. F - Not reliable, A - Usually Reliable
D. F - Unreliable, A - Completely Reliable

正解: D

質問 95
What is used to trigger playbooks automatically based on the classification of an incident?

A. Indicator type
B. Incident types
C. Integration configuration
D. Incoming mapper

正解: B

質問 96
In which two scenarios would it be appropriate to implement a loop for a sub-playbook? (Choose two.)

A. In repetitive process flows with no more than 10 loops
B. In repetitive process flows to iterate for each playbook input
C. When continuously ingesting incidents from third-party systems
D. In repetitive processes that requires sub-playbook re-execution

正解: B,C

質問 97
Where are incident layouts customized?

A. Settings > Object Setup > Indicators > Layouts
B. Settings > Object Setup > Incidents > Layouts
C. Settings > Advanced > Incident Layouts
D. Settings > Integrations > Instance configuration

正解: B

質問 98
Select the correct incident life cycle on XSOAR.

A. Planning > Incident Ingestion > Pre-processing > Mapping and Classification > Incident Creation > Playbook runs > Post-processing
B. Planning > Incident Ingestion > Incident Creation > Mapping and Classification > Pre-processing > Playbook runs > Post-processing
C. Planning > Incident Ingestion > Mapping and Classification > Pre-processing > Incident Creation > Playbook runs > Post-processing
D. Planning > Incident Ingestion > Pre-processing > Incident Creation > Mapping and Classification > Playbook runs > Post-processing

正解: C

質問 99
......

PCSAE問題集には100%厳密検証された問題と解答で合格保証もしくは全額返金：https://www.goshiken.com/Palo-Alto-Networks/PCSAE-mondaishu.html

関するブログ

もっと

PCSAE無料問題集