Practice Free PCSAE Exam Online Questions
What is the function of timer SLA fields in Cortex XSOAR?
- A . To track SLA breaches per playbook
- B . To run a script that executes on SLA assignment
- C . To automatically alert the analyst on SLA breach
- D . To count the time between one or more tasks
What is used to trigger playbooks automatically based on the classification of an incident?
- A . Indicator type
- B . Incoming mapper
- C . Incident types
- D . Integration configuration
Which three options can be defined in the layout settings? (Choose three.)
- A . Set of fields to present
- B . Permission to view the tab based on ‘Users’
- C . Permission to view the tab based on ‘Roles’
- D . Delete built-in tabs including the war room
- E . Dynamic sections
Which two methods will allow data to be saved in incident fields within a playbook? (Choose two.)
- A . setFields
- B . Field mapping
- C . setIncident
- D . Layout inline editing
An Engineer wants to filter a csvList value according to a dynamic value saved under the test context key.
Which three values would save the test context key? (Choose three.)
- A . Get csvList.value where csvList.value equals test [from previous tasks]
- B . Get csvList.value where csvList.value equals ${test} [from previous tasks]
- C . Get csvList.value where csvList.value equals test {}[from previous tasks]
- D . Get csvList.value where csvList.value equals test [as value]
- E . Get csvList.value where csvList.value equals ${test} [as value]
What are two main uses of context data? (Choose two.)
- A . Store incident information in JSON format
- B . Store incident information in XML format
- C . Pass data between playbook tasks
- D . Pass data between to-do tasks
Which three statements are true about the Marketplace? (Choose three.)
- A . Allows reverting back to a previous version of a content pack
- B . Enables users to participate in the community by sharing content
- C . Publishes content without additional review from the Cortex XSOAR team
- D . Allows uploading of content in additional languages
- E . Offers granularity in installation through content packs
Which two causes may be occurring if an integration test is working, but the integration is not fetching incidents? (Choose two.)
- A . The ’Fetches Incidents’ option may not have been enabled
- B . There are no new events from the external service
- C . The first fetch should be manually triggered to start the fetching process
- D . It can take up to 1-hour before incidents are initially fetched
An analyst runs the following command in a playbook task:
!ip ip=1.1.1.1
Which extraction mode needs to be enabled on the Advanced tab of the playbook task to synchronously extract indicators from the results of this command?
- A . Synchronous
- B . Extract
- C . Out of band
- D . Inline