- All Exams Instant Download
Which method accesses a field called ‘User Mail’ in a playbook?
Which method accesses a field called ‘User Mail’ in a playbook?A . ${incident.usermail} B. ${incident.User Mail} C. ${incident.UserMail} D. ${usermail}View AnswerAnswer: A
What is the default configuration for indicator auto-extraction when incidents are created?
What is the default configuration for indicator auto-extraction when incidents are created?A . Inline B. Inband C. None D. Out of bandView AnswerAnswer: A
How would context data be filtered to receive only malicious indicator values with DBotScore?
How would context data be filtered to receive only malicious indicator values with DBotScore?A . Get DBotScore.value where DBotScore.Score (Larger or equals) 4 B. Get DBotScore.value where DBotScore.Score (equals (int)) 3 C. Get DBotScore where DBotScore.Score (Larger than) 1 D. Get DBotScore where DBotScore.Score (Larger or equals) 2View AnswerAnswer: B...
Which of the following are valid methods to contribute custom content? (Choose three.)
Which of the following are valid methods to contribute custom content? (Choose three.)A . Submit content directly through feature requests B. Private GitHub repository submission for premium content C. A Github pull request on the public XSOAR Content Repository D. Using the marketplace interface to upload the content E. Using...
Match the operations with the appropriate context
DRAG DROP Match the operations with the appropriate context. View AnswerAnswer:
How can the field be accessed?
An incident field is created having the display name as Source_IP. How can the field be accessed?A . ${incident.sourceip} B. ${incident.Source_IP} C. ${incident.srcip} D. ${incident.Source IP}View AnswerAnswer: C
How long is the trial period for paid content packs?
How long is the trial period for paid content packs?A . 30 days B. 14 days C. 7 days D. 60 daysView AnswerAnswer: A Explanation: Reference: https://docs.paloaltonetworks.com/cortex/cortex-xsoar/6-0/cortex-xsoar-admin/marketplace/marketplace-subscriptions.html
Which tag must be applied to an Automation Script in order for it to be available when configuring an Indicator Type?
Which tag must be applied to an Automation Script in order for it to be available when configuring an Indicator Type?A . reputation-script B. enrich C. reputationScript D. reputationView AnswerAnswer: C
Which two components have their own context data? (Choose two.)
Which two components have their own context data? (Choose two.)A . Sub-playbook B. Task C. Field D. IncidentView AnswerAnswer: A,D
In Cortex XSOAR multi tenant setup, when content from a development server is pushed to the remote repository, where in the production server can the updates be found?
In Cortex XSOAR multi tenant setup, when content from a development server is pushed to the remote repository, where in the production server can the updates be found?A . Main Account B. Tenants C. Agent tools D. MarketplaceView AnswerAnswer: B Explanation: Reference: https://docs-cortex.paloaltonetworks.com/r/Cortex-XSOAR/6.6/Cortex-XSOAR-Multi-Tenant-Guide/Configure-a-Remote-Repository-on-the-Main-Account
