New Year Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

  1. Home
  2. Paloalto Networks
  3. Security Operations
  4. XSOAR-Engineer
  5. Palo Alto Networks XSOAR Engineer Questions and Answers

Pass the Paloalto Networks Security Operations XSOAR-Engineer Questions and answers with CertsForce

 Paloalto Networks Exams      Go to Exam Detail      Get Premium Access
Viewing page 3 out of 7 pages
Viewing questions 21-30 out of questions
Questions # 21:

When using the playbook debugger, what may be the cause of a starred incident missing from the Test Data selections?.

Options:
A.

Closed incidents are not visible in the debugger.

B.

Starred incidents are not visible in the debugger.

C.

The incident type is set incorrectly.

D.

The incident has been restricted.

Expert Solution
Questions # 22:

Which option is available in XSOAR to create the body of a Threat Intel Report?

Options:
A.

Markdown

B.

Grid Fields

C.

DOC format

D.

Javascript

Expert Solution
Questions # 23:

To avoid exceeding API quotas for third-party services, indicators are only updated after the indicator cache expiration period. What is the default cache expiration period for indicators in XSOAR (minutes/days)?

Options:
A.

10,080 minutes (7 days)

B.

20,160 minutes (14 days)

C.

21,600 minutes (15 days)

D.

4,320 minutes (3 days)

Expert Solution
Questions # 24:

Based on the images below,

Question # 24

what will be the result of the Filters and Transformers?.

Options:
A.

Selma Moon.

B.

Richardson Morales.

C.

Hubbard Wilcox.

D.

Michael Henderson.

Expert Solution
Questions # 25:

Which of these would be the most operationally efficient repository for moving XSOAR custom content from a development server to a production environment?

Options:
A.

A content repository specified in the Marketplace

B.

Remote git repository specified in the dev-prod configuration parameters

C.

The development server's default repository

D.

Cortex XSOAR public content repository

Expert Solution
Questions # 26:

Which two methods will allow data to be saved in incident fields within a playbook? (Choose two.)

Options:
A.

setFields

B.

Field mapping

C.

setIncident

D.

Layout inline editing

Expert Solution
Questions # 27:

Which two components have their own context data? (Choose two.)

Options:
A.

Sub-playbook

B.

Task

C.

Field

D.

Incident

Expert Solution
Questions # 28:

Within the playbook editor, which function allows a user to associate a task output to an incident field?.

Options:
A.

Classification.

B.

Inputs.

C.

Extend context.

D.

Mapping.

Expert Solution
Questions # 29:

While testing a custom integration, an XSOAR engineer noticed that the incident fetch interval is missing. How can this be fixed?

Options:
A.

Define the Incident Fetch Interval when running the integration’s commands.

B.

Duplicate the integration. Edit the resulting copy and add incidentFetchInterval as a parameter. Save the integration. Configure the new integration instance with the interval required.

C.

Configure the application to send incidents on the required interval.

D.

Duplicate the integration. Add the interval in the code. Save the integration and Configure the new integration instance with the interval required.

Expert Solution
Questions # 30:

Which playbook will a job run by default?

Options:
A.

The playbook assigned to the incident type

B.

The playbook assigned to the indicator type

C.

The playbook assigned during pre-processing

D.

The playbook assigned by the integration

Expert Solution
Viewing page 3 out of 7 pages
Viewing questions 21-30 out of questions