Practice Free PCSAE Exam Online Questions
While testing a custom integration, an XSOAR engineer noticed that the incident fetch interval is missing.
How can this be fixed?
- A . Define the Incident Fetch Interval when running the integration’s commands.
- B . Duplicate the integration. Edit the resulting copy and add incidentFetchInterval as a parameter. Save the integration. Configure the new integration instance with the interval required.
- C . Configure the application to send incidents on the required interval.
- D . Duplicate the integration. Add the interval in the code. Save the integration and Configure the new integration instance with the interval required.
During configuration of the inputs of a sub-playbook in the main playbook, there is an option under the Loop tab called "For Each Input".
What is this option used to?
- A . To loop the sub-playbook over all context values present in the investigation
- B . To loop the sub-playbook over all incident fields for the given incident
- C . To loop the sub-playbook over all the fields marked as important
- D . To loop the sub-playbook over all defined sub-playbook inputs
When browsing the Marketplace for new content packs, which details about each pack are you able to view?
- A . The integration’s source code
- B . A summary of each version history
- C . A test instance for the content pack
- D . The source code of each playbook
An engineer notices that playbooks only start once the user clicks the ‘investigate’ button and he/she would like the playbook to start automatically.
How can this be implemented?
- A . Add the playbook to the integration’s settings
- B . Select ‘Run playbook automatically’ from the incident type settings
- C . Add the !startinvestigation automation to the beginning of the playbook
- D . Select ‘Run playbook automatically’ from the integration settings
A large number of incidents were deleted by mistake.
Which two architecture components can be used to recover the lost data? (Choose two.)
- A . Live backup
- B . Engine
- C . Distributed database
- D . Local backup
What are the three ways to add/mark entries as evidence inside the Evidence Board? (Choose three.)
- A . Manually directly from the War Room with the Actions drop-down
- B . From the Notes section (mark as entry icon)
- C . Manually from the playbook task (mark as entry icon)
- D . Automatically from playbook tasks when the option is selected on the Advanced tab
- E . By running the command !MarkAsEvidence
You can customize most aspects of the incident layout, including which three of the following? (Choose three.)
- A . Which users have permissions to view the tabs
- B . Which roles have permissions to view the tabs
- C . Which dashboard settings are applied
- D . The information and how is it displayed
- E . Which tabs appear and in which order
Which built-in automation/command cab be used to change an incident’s type?
- A . setIncident
- B . Set
- C . GetFieldsByIncidentType
- D . modifyIncidentFields
Which three support types are included in the Marketplace Content Packs? (Choose three.)
- A . Customer supported
- B . Contex XSOAR supported
- C . Community supported
- D . Partner supported
- E . Prisma Cloud supported
Which option is available in XSOAR to create the body of a Threat Intel Report?
- A . Markdown
- B . Grid Fields
- C . DOC format
- D . Javascript