PCSAE問題集でリアル試験問題でテストエンジン問題集でトレーニング
Palo Alto Networks PCSAEテスト問題集とオンライン試験エンジン
質問 38
What are two common use cases for conditional tasks? (Choose two.)
- A. They are used for branching paths in a playbook
- B. They are used to determine which incident will be executed
- C. They are used to interact with users through survey functionality
- D. They are used for sending a specific question to a person or team
正解: A,B
質問 39
An incident field is created having the display name as Source_IP. How can the field be accessed?
- A. ${incident.sourceip}
- B. ${incident.Source IP}
- C. ${incident.srcip}
- D. ${incident.Source_IP}
正解: C
質問 40
Which configuration is a valid distributed database (DB) implementation?
- A. 2 application servers, 1 main DB, 1 node server
- B. 1 application server, 2 main DBs, 1 node server
- C. 2 main DBs, 1 application server, 2 node servers
- D. 1 main DB, 1 application server, 3 node servers
正解: A
質問 41
When creating a new tab in the layout, which section cannot be added?
- A. Related incidents
- B. War room entries picked by entry query
- C. Retrieve widget chart based on script
- D. Incident team members
正解: C
質問 42
What is the most effective way to correlate multiple raw events coming from a SIEM and link them together?
- A. Process all alerts by running the respective playbook and link related incidents during post-processing
- B. Configure a pre-process rule to link related events as they are ingested
- C. Ingest all raw events, run a custom script to find the relationship between them and proceed to link them together
- D. Manually go through the incidents created by the raw events and link related incidents
正解: A
質問 43
Where can engineers add the post-processing scripts to incidents?
- A. Post-processing scripts must be added at the end of playbooks
- B. Post-processing scripts must be added from the Post-Process Rules editor
- C. The post-processing tag must be added to the automation
- D. Post-processing scripts must be added from the Incident Type editor
正解: D
質問 44
How would context data be filtered to receive only malicious indicator values with DBotScore?
- A. Get DBotScore.value where DBotScore.Score (Larger or equals) 4
- B. Get DBotScore.value where DBotScore.Score (equals (int)) 3
- C. Get DBotScore where DBotScore.Score (Larger than) 1
- D. Get DBotScore where DBotScore.Score (Larger or equals) 2
正解: B
質問 45
Which two methods will allow data to be saved in incident fields within a playbook? (Choose two.)
- A. Field mapping
- B. setIncident
- C. Layout inline editing
- D. setFields
正解: A,B
質問 46
Which built-in automation/command cab be used to change an incident's type?
- A. Set
- B. setIncident
- C. modifyIncidentFields
- D. GetFieldsByIncidentType
正解: B
質問 47
Which two statements accurately describe layouts? (Choose two.)
- A. Layouts override classification and mapping
- B. Layouts can display incident information and custom fields
- C. New tabs can be added to the incident layout
- D. Layouts add or remove custom fields from an incident type
正解: B,C
質問 48
What happens when an integration is deprecated?
- A. The integration commands in a playbook can be used, but it will fail at runtime
- B. The integration commands in a playbook can no longer be used
- C. The integration commands can be used, but it is recommended to update to the latest content pack
- D. The configuration settings will be lost and the integration will no longer function
正解: D
質問 49
An engineer is developing a playbook that will be run multiple times for testing purposes. What is the recommended first task to be used in the playbook?
- A. GenerateTest
- B. DeleteContext
- C. SetContext
- D. PrintContext
正解: B
質問 50
Which three scripting languages can an engineer use to write XSOAR automations? (Choose three.)
- A. Perl
- B. Powershell
- C. Python
- D. JavaScript
- E. Go
正解: B,C,D
質問 51
Match the operations with the appropriate context.
正解:
解説:
質問 52
What are two main uses of context data? (Choose two.)
- A. Store incident information in XML format
- B. Pass data between to-do tasks
- C. Pass data between playbook tasks
- D. Store incident information in JSON format
正解: C,D
質問 53
Which two statements describe how timers are configured to start and stop automatically in a playbook?
(Choose two.)
- A. After the playbook has run, calculate the total time taken and set the timer field with this value
- B. Use a field of Number to count the number of seconds elapsed between two tasks
- C. From the Timers tab of the playbook task, choose the action for the timer and the timer field to perform the action on
- D. To begin counting time taken, add a task in the playbook with automation startTimer. To end the counting, add a task with automation stopTimer
正解: A,C
質問 54
A SOC manager built a dashboard and would like to share the dashboard with other team members. How would the SOC manager create a dashboard that meets this requirement?
- A. Dashboard is shared to all XSOAR users
- B. Manually share the dashboard through user emails
- C. Propagate the dashboard based on SAML authentication
- D. Dashboard is shared to all XSOAR users in a selected role
正解: D
質問 55
......
Palo Alto Networks PCSAE問題を提供していますPalo Alto Networks Certification問題集と完璧な解答付き:https://www.goshiken.com/Palo-Alto-Networks/PCSAE-mondaishu.html