Labour Day Sale - Limited Time 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 575363r9

Welcome To DumpsPedia
  1. Home
  2. Paloalto Networks
  3. Palo Alto Certifications and Accreditations
  4. PCSAE
  5. Palo Alto Networks Certified Security Automation Engineer Questions and Answers

PCSAE Sample Questions Answers

Questions 4

An XSOAR Engineer has developed a playbook and would like to contribute it to the XSOAR Marketplace to share with other users.

Which two options are available to the Engineer for contributing to the Marketplace? (Choose two.)

Options:

A.

Open a ticket with the XSOAR support team

B.

Create a pull request directly on Github

C.

Contribute through the XSOAR UI

D.

Send an email to contributions@xsoar.com

Buy Now
Questions 5

You can customize most aspects of the incident layout, including which three of the following? (Choose three.)

Options:

A.

Which users have permissions to view the tabs

B.

Which roles have permissions to view the tabs

C.

Which dashboard settings are applied

D.

The information and how is it displayed

E.

Which tabs appear and in which order

Buy Now
Questions 6

When creating an automation in XSOAR, what is the best way to create a log message?

Options:

A.

Using a debug statement

B.

Using the demisto.debug() function

C.

Using a print statement

D.

Using the demisto.results() function

Buy Now
Questions 7

After executing the DeleteContext automation with all=yes argument, how would the context data of an incident present?

Options:

A.

All the data, including the incident key will be deleted, and the context data will be completely empty.

B.

No difference, the automation cannot be executed manually.

C.

All context data, including custom incident fields will be deleted, system incident fields will remain.

D.

All context data, except the incident key will be deleted.

Buy Now
Questions 8

How can Cortex XSOAR administrators prevent junior analysts from viewing a senior analyst dashboard?

Options:

A.

Share the dashboard in Read and Edit mode for senior analysts.

B.

Share the dashboard in Read & Edit mode for senior analysts and Read Only for juniors analysts.

C.

Share the dashboard in Read and Write mode for senior analysts.

D.

Share the dashboard in Read Only mode for junior analysts and senior analysts.

Buy Now
Questions 9

An analyst runs the following command in a playbook task:

!ip ip=1.1.1.1

Which extraction mode needs to be enabled on the Advanced tab of the playbook task to synchronously extract indicators from the results of this command?

Options:

A.

Synchronous

B.

Extract

C.

Out of band

D.

Inline

Buy Now
Questions 10

Which development languages are supported when creating XSOAR automation scripts?

Options:

A.

C++, Python, Powershell

B.

Ruby, C++, Python

C.

Javascript, Powershell, C++

D.

Python, Powershell, Javascript

Buy Now
Questions 11

An organization has recently acquired another company as its subsidiary. The subsidiary has its infrastructure on AWS cloud as illustrated in the image below:

The organization wants to use the mail server location on the subsidiary's cloud to send emails. Without acquiring additional licenses, which XSOAR component can fulfill the requirement?

Options:

A.

XSOAR D2 Agents, to send the required emails.

B.

An XSOAR engine that is downloaded from the XSOAR server and installed within the subsidiary.

C.

Another XSOAR server that uses the same license as their primary XSOAR server.

D.

A Linux server connected with an XSOAR server using SSH integration. Commands can be run remotely to access the mail server.

Buy Now
Questions 12

How long is the trial period for paid content packs?

Options:

A.

30 days

B.

14 days

C.

7 days

D.

60 days

Buy Now
Questions 13

Threat Intel search queries can be shared with which of the following? (Select 1)

Options:

A.

Users defined in the platform (email or username)

B.

Other organizations via the Marketplace

C.

Users outside XSOAR via email invite

D.

Roles defined in the platform

Buy Now
Questions 14

Incidents need to be filtered by all of the following criteria:

1.Status – Pending

2.Exclude Category – Job

3.Severity – High

4.Owner – None (No owner assigned)

5.Type – Phishing

6.Email Subject – “You have won a million dollars”

What is the correct query syntax for the above incident search filter?

Options:

A.

status==“Pending“ && category!=”job” && severity==”High” && owner==”None” && type==”Phishing” && emailsubject==”You have won a million dollars”

B.

Status:Pending and –Category:job and Severity:High and Owner:”” and Type:Phishing and Email Subject:You have won a million dollars

C.

status:Pending and –category:job and severity:High and owner:”” and type:Phishing and emailsubject:”You have won a million dollars”

D.

status:Pending or –category:job or severity:High or owner:”” or type:Phishing or emailsubject:”You have won a million dollars”

Buy Now
Questions 15

Where would you look to find a personalized view of your own incidents and tasks?

Options:

A.

Incident Summary View

B.

My Incidents

C.

My Threat Landscape

D.

My Dashboard

Buy Now
Questions 16

An engineer defined a dashboard which allows important metrics to be displayed. The engineer would like to make this dashboard the default dashboard.

How can it be accomplished?

Options:

A.

Default Dashboard can be defined by ‘Role’

B.

Use the server configuration key: default.dashboards

C.

Save the dashboard as a widget and apply it to all users

D.

Right click on the dashboard tab and ‘Set as Default’

Buy Now
Questions 17

Which task type would be used to verify/check that an integration was enabled?

Options:

A.

Standard task

B.

Conditional task

C.

Section Header task

D.

Data Collection task

Buy Now
Questions 18

Which two options are the most effective for moving content between two environments? (Choose two.)

Options:

A.

Remote repository based content sharing

B.

UI based content import/export button

C.

Copy the content backup from one environment file system (/var/lib/demisto/backup/content- backup-*) and move it to the other environment

D.

Download the content items separately and upload them to the other environment

Buy Now
Questions 19

In Cortex XSOAR multi tenant setup, when content from a development server is pushed to the remote repository, where in the production server can the updates be found?

Options:

A.

Main Account

B.

Tenants

C.

Agent tools

D.

Marketplace

Buy Now
Questions 20

What are three different loop types in a playbook? (Choose three.)

Options:

A.

Automation

B.

Built-in

C.

Data collection

D.

Conditional

E.

For-each

Buy Now
Questions 21

Which three support types are included in the Marketplace Content Packs? (Choose three.)

Options:

A.

Customer supported

B.

Contex XSOAR supported

C.

Community supported

D.

Partner supported

E.

Prisma Cloud supported

Buy Now
Questions 22

An XSOAR engineer has been tasked with exporting all indicators from the production environment in the last 90 days. The final report needs to be in CSV format containing all indicator fields. How can this task be achieved?

Options:

A.

Run the command !GetIndicatorsByQuery in CLI with its default arguments and export all indicators in the last 90 days.

B.

SSH into the server and copy the indicator's database.

C.

In the Threat Intel page, add query firstSeen:>="90 days ago", select All columns in Table View, and click Export to export as a CSV.

D.

Run the command !findIndicators in CLI with the query firstSeen:>="90 days ago" and export to CSV.

Buy Now
Questions 23

Which three options can be defined in the layout settings? (Choose three.)

Options:

A.

Set of fields to present

B.

Permission to view the tab based on ‘Users’

C.

Permission to view the tab based on ‘Roles’

D.

Delete built-in tabs including the war room

E.

Dynamic sections

Buy Now
Exam Code: PCSAE
Exam Name: Palo Alto Networks Certified Security Automation Engineer
Last Update: Apr 25, 2024
Questions: 156
$64  $159.99
$48  $119.99
$40  $99.99
buy now PCSAE